CVE-2023-37538

HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt