VYPR
Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024

HCL BigFix Platform is affected by Unathenticated Stored Cross-Site Scripting (XSS)

CVE-2023-37520

Description

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.