CVE-2023-37519

Summary

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This XSS vulnerability is in the Download Status Report, which is served by the BigFix Server. 

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix Platform9.5.x, 10.0.xaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References