First published: Fri Feb 02 2024(Updated: )
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a webpage trying to retrieve cookie stored information. This is not the same vulnerability as identified in CVE-2023-37530.
Credit: psirt@hcl.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hcltech Bigfix Platform | >=9.5<9.5.24 | |
Hcltech Bigfix Platform | >=10.0.0<10.0.11 | |
Hcltech Bigfix Platform | =11.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.