CVE-2024-23569 PUBLISHED

Assigner: HCL
Reserved: 18.01.2024 Published: 17.07.2026 Updated: 17.07.2026

HCL Aftermarket EPC is vulnerable to attack since the server is not configured with “X-XSS-Protection" header

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVSS Score: 4.3

Product Status

Vendor HCLSoftware
Product Aftermarket EPC
Versions Default: unaffected
  • Version version 1.0.0 is affected

References

Problem Types

  • CWE-692: Incomplete Denial of Request to Insecure Resource CWE