Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL MyXalytics is affected by a Cross-Domain Script Include vulnerability.
Vulnerability Description
Inclusion of Functionality from Untrusted Control Sphere vulnerability in HCL MyXalytics. v6.6 allows Loading third-party scripts without integrity checks or validation can allow external code run in the application's context, risking data exposure.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
从非可信控制范围包含功能例程
Vulnerability Title
HCL MyXalytics 安全漏洞
Vulnerability Description
HCL MyXalytics是印度HCL公司的一款分析类软件产品。用于进行数据分析等相关工作。 HCL MyXalytics v6.6版本存在安全漏洞,该漏洞源于加载第三方脚本时未进行完整性检查或验证,可能导致外部代码在应用程序环境中运行,存在数据泄露风险。
CVSS Information
N/A
Vulnerability Type
N/A