HCL iAutomate includes hardcoded credentials which may result in potential exposure of confidential data if intercepted or accessed by unauthorized parties.
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow unauthorized access to sensitive information within the system.
HCL iAutomate is affected by a session fixation vulnerability. An attacker could hijack a victim's session ID from their authenticated session.
HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that re
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access.
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, m
HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or security-critical data in cleartext in a communication channel th
CWE-798: Use of Hard-coded Credentials
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or
HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue affects HCL AION: 2.0.
CWE-798 Use of Hard-coded Credentials
HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to vendor support and service access.
A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI.
HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative user interface which would require elevated privileges to exploit.
HCL Digital Experience is susceptible to cross site scripting (XSS) in an administrative UI with restricted access.
A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1)
HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could be exploited.
HCL MyXalytics v6.6 is affected by an HTML Injection. This issue occurs when untrusted input is included in the output without proper handling, potentially allowing unauthorized content injection and
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to
Page 1+ Next →