cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-37496,https://securityvulnerability.io/vulnerability/CVE-2023-37496,HCL Verse is susceptible to a Stored Cross-Site Scripting (XSS) Vulnerability,"HCL Verse contains a Stored Cross Site Scripting (XSS) vulnerability that could potentially allow an attacker to inject malicious scripts into the web application. Once executed in a victim's browser, this can enable unauthorized actions or lead to the theft of sensitive data including cookies and session tokens. Proper security measures and timely updates are essential to mitigate these risks and protect user information.",Hcl Software,Hcl Verse,8.3,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-08-01T01:15:00.000Z,0
CVE-2023-28013,https://securityvulnerability.io/vulnerability/CVE-2023-28013,HCL Verse is susceptible to a Reflected Cross-Site Scripting (XSS) Vulnerability,"HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability.  By tricking a user into entering crafted markup a remote, unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.
",Hcl Software,Hcl Verse,6.5,MEDIUM,0.0013599999947473407,false,,false,false,false,,,false,false,,2023-07-26T23:15:00.000Z,0
CVE-2020-4099,https://securityvulnerability.io/vulnerability/CVE-2020-4099,HCL Verse for Android is susceptible to an APK signing key check vulnerability,"The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.",Hcl Software,Hcl Verse For Android,5.9,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-11-01T18:15:00.000Z,0
CVE-2020-4080,https://securityvulnerability.io/vulnerability/CVE-2020-4080,Stored Cross-Site Scripting Vulnerability in HCL Verse by HCL Technologies,"HCL Verse versions 10 and 11 are vulnerable to a Stored Cross-Site Scripting (XSS) issue due to inadequate handling of message content. An unauthenticated remote attacker can exploit this vulnerability by crafting malicious markup to run arbitrary scripts in the web browser of a victim. This exploit operates within the security scope of the hosting website, potentially allowing the attacker to compromise cookie-based authentication credentials, leading to unauthorized access to user accounts.",HCL Software,Hcl Verse,6.1,MEDIUM,0.001509999972768128,false,,false,false,false,,,false,false,,2020-12-18T21:14:49.000Z,0
CVE-2020-4100,https://securityvulnerability.io/vulnerability/CVE-2020-4100,Dynamic Code Loading Vulnerability in HCL Verse for Android,"The dynamic code loading mechanism in HCL Verse for Android allows certain components to be loaded conditionally rather than at startup. While this approach can enhance performance and support in-app updates, it introduces a potential risk if the code loading is not securely managed. If an attacker can manipulate the request for these dynamic components, they might execute unintended code, compromising the integrity and security of the application. Proper implementation and validation are essential to mitigate these risks and protect user data.",HCL Software,"""hcl Verse For Android""",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-07-15T12:31:11.000Z,0