Logo
Retour à la veille

CVE-2026-21825

Publié : 5 juin 2026
Modifié : 5 juin 2026
Lien officiel NVD
Score CVSS
6.1
MEDIUM

Description détaillée

HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center.  An attacker could execute arbitrary JavaScript in the victim's browser.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Références et Patchs

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130849

Dernières Vulnérabilités

CVE-2026-6209

Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Geographic Tracking System: before v0.0.2.

VOIR DÉTAILS

CVE-2026-6208

Authorization bypass through User-Controlled key vulnerability in HAVELSAN Inc. Geographic Tracking System allows Exploitation of Trusted Identifiers. This issue affects Geographic Tracking System: before v0.0.2.

VOIR DÉTAILS

CVE-2026-6207

Observable response discrepancy vulnerability in HAVELSAN Inc. Geographic Tracking System allows System Footprinting. This issue affects Geographic Tracking System: before v0.0.2.

VOIR DÉTAILS