Medium severity6.5NVD Advisory· Published May 14, 2024· Updated Apr 15, 2026
CVE-2023-37526
CVE-2023-37526
Description
HCL DRYiCE Lucy (now AEX) is affected by a Cross Origin Resource Sharing (CORS) vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.