File Upload Vulnerability in HCL Compass: Exploiting Lack of Security Measures

CVE-2023-37502 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

HCL Compass is vulnerable to lack of file upload security.  An attacker could upload files containing active code that can be executed by the server or by a user's web browser.

Learn more about our Web App Pen Testing.