CVE-2022-38662: HCL Digital Experience is susceptible to open redirects
First published: Thu Dec 15 2022(Updated: )
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
Credit: psirt@hcl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hcltech Hcl Digital Experience | =8.5 | |
| Hcltech Hcl Digital Experience | =9.0 | |
| Hcltech Hcl Digital Experience | =9.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2022-38662.
What is the severity level of CVE-2022-38662 vulnerability?
The severity level of CVE-2022-38662 vulnerability is medium.
Which software versions are affected by CVE-2022-38662 vulnerability?
The software versions affected by CVE-2022-38662 vulnerability are HCL Digital Experience 8.5, 9.0, and 9.5.
How can an attacker exploit CVE-2022-38662 vulnerability?
An attacker can exploit CVE-2022-38662 vulnerability by constructing URLs to redirect users to untrusted sites.
Is there a fix available for CVE-2022-38662 vulnerability?
Yes, a fix for CVE-2022-38662 vulnerability is available. Refer to the vendor's support article for more information: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102141
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/title
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/tags
- agent/event
- agent/first-publish-date
- vendor/hcltech
- canonical/hcltech hcl digital experience
- version/hcltech hcl digital experience/8.5
- version/hcltech hcl digital experience/9.0
- version/hcltech hcl digital experience/9.5