CVE-2023-37538 Information

Description

HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email other web site).

Reference

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108006