HCL Launch Vulnerability: Unsanitized HTML Injection Leading to XSS and Open Redirections

HCL Launch Vulnerability: Unsanitized HTML Injection Leading to XSS and Open Redirections

CVE-2022-42452 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

HCL Launch is vulnerable to HTML injection.  HTML code is stored and included without being sanitized. This can lead to further attacks such as XSS and Open Redirections.

Learn more about our Web Application Penetration Testing UK.