Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024
HCL BigFix Platform is affected by Unathenticated Stored Cross-Site Scripting (XSS)
CVE-2023-37520
Description
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.
Affected products
2- Range: =9.5.12.68
- Range: 9.5.x, 10.0.x, 11.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.