CVE-2022-27545

Summary

BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix9.5, 10.0affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References