CVE-2024-42195
LOWDescription
HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| hcltechsw | hcl_devops_deploy |
| hcltechsw | hcl_launch |
| hcltechsw | hcl_launch |
| hcltechsw | hcl_launch |
| hcltechsw | hcl_launch |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-42195? +
How severe is CVE-2024-42195? +
What products are affected by CVE-2024-42195? +
How do I check if I'm vulnerable to CVE-2024-42195? +
Related Vulnerabilities
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover …
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen …
The GDPR cookies module for Backdrop CMS (before 1.x-1.3.5) doesn't sufficiently protect visitors from Cross Site Scripting (XSS) if a …
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting …
It is possible to inject HTML code into the page content using the "content" field in the "Application definition" page. …
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in …