HCL Launch Vulnerability: Unsanitized HTML Injection Leading to XSS and Open Redirections
CVE-2022-42452 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
HCL Launch is vulnerable to HTML injection. HTML code is stored and included without being sanitized. This can lead to further attacks such as XSS and Open Redirections.
Learn more about our Web Application Penetration Testing UK.