CVE-2021-27774

Summary

User input included in error response, which could be used in a phishing attack.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL Digital Experience8.5, 9.0, 9.5affected

Weaknesses

  • CWE-209: CWE-209 Information Exposure Through an Error Message

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References