Stored Cross Site Scripting (XSS) Vulnerability in HCL Verse Allows for Remote Code Execution and Data Theft

Stored Cross Site Scripting (XSS) Vulnerability in HCL Verse Allows for Remote Code Execution and Data Theft

CVE-2023-37496 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability. An attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.

Learn more about our Web App Pen Testing.