Known Vulnerabilities for Hcl Digital Experience by Hcltech
Listed below are 4 of the newest known vulnerabilities associated with "Hcl Digital Experience" by "Hcltech".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-21837 json | HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacke... | Not Provided | 2026-06-05 | 2026-06-09 |
| CVE-2026-21826 json | HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection. An attacker can ma... | Not Provided | 2026-06-05 | 2026-06-09 |
| CVE-2026-21825 json | HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center. An... | Not Provided | 2026-06-05 | 2026-06-09 |
| CVE-2022-38902 json | A Cross-site scripting (XSS) vulnerability in the Blog module - add new topic functionality in Liferay Digital Experience Pla... | Not Provided | 2022-10-13 | 2026-07-09 |
| CVE-2022-38901 json | A Cross-site scripting (XSS) vulnerability in the Document and Media module - file upload functionality in Liferay Digital Ex... | Not Provided | 2022-10-19 | 2026-07-09 |
| CVE-2022-38662 json | In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites. | 6.1 - MEDIUM | 2022-12-19 | 2023-11-07 |
| CVE-2021-27774 json | User input included in error response, which could be used in a phishing attack. | 5.4 - MEDIUM | 2022-09-22 | 2022-09-24 |
| CVE-2020-14222 json | HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflecte... | 6.1 - MEDIUM | 2020-11-05 | 2020-11-13 |
| CVE-2020-4101 json | "HCL Digital Experience is susceptible to Server Side Request Forgery." | 9.8 - CRITICAL | 2020-06-11 | 2020-06-17 |