PublicCVE
Log inSign up

CVE-2023-37534

HIGH7.1JSON exportCreate alert

Description

Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters.

CVSS breakdown

CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
None

Affected products

References