HIGH🇬🇧 English

CVE-2025-52653

CVSS 7.6v3.1pub. 2025-10-03upd. 2025-10-08

HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H
  • Hcltech Dryice Myxalytics

    APP
    Hcltech
    6.6
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2025-52656HIGH7.6ten sam produkt

HCL MyXalytics: 6.6.  is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is ...

CVE-2024-42169HIGH7.1ten sam produkt

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control chec...

CVE-2024-42168HIGH8.9ten sam produkt

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web se...

CVE-2023-45724HIGH8.2ten sam produkt

HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application pe...

CVE-2023-50342HIGH7.1ten sam produkt

HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A user can obt...