Unrated severityNVD Advisory· Published Oct 18, 2023· Updated Sep 13, 2024

An unrestricted file upload vulnerability affects HCL Compass

CVE-2023-37502

Description

HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server or by a user's web browser.

Affected products

HCL Software/Compassllm-fuzzy
HCL Software/Hcl Compass2.0cpe-rescue
Range: 2.0, 2.1, 2.2

Patches

Vulnerability mechanics

References

support.hcltechsw.com/csmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000