VYPR

Digital Experience Compose

by HCLTech

CVEs (2)

  • CVE-2026-21826MedJun 5, 2026
    risk 0.40cvss 6.1epss 0.00

    HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection.  An attacker can manipulate the Host header and cause the application to behave in unexpected ways.

  • CVE-2026-21825MedJun 5, 2026
    risk 0.40cvss 6.1epss 0.00

    HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center.  An attacker could execute arbitrary JavaScript in the victim's browser.