VYPR

AppScan Source

by HCL Software

CVEs (3)

  • CVE-2019-16188HigSep 25, 2019
    risk 0.46cvss 7.1epss 0.01

    HCL AppScan Source before 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in…

  • CVE-2024-30149MedOct 31, 2024
    risk 0.31cvss 4.8epss 0.00

    HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable.

  • CVE-2019-4388MedDec 18, 2019
    risk 0.31cvss 4.8epss 0.01

    HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.