Hcltechsw Hcl_commerce

7 CVEs affecting Hcltechsw Hcl_commerce. Latest disclosed: 2024-05-14. Critical: 2, High: 3.

Top CVEs affecting Hcltechsw Hcl_commerce
CVESeverityScorePublishedSummary
CVE-2020-14275Critical9.82021-01-12Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of us…
CVE-2021-27741Critical9.12021-08-13" Security vulnerability in HCL Commerce Management Center allowing XML external entity (XXE) injection"
CVE-2022-38656High8.62022-12-12HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.
CVE-2020-14274High7.52021-01-12Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data…
CVE-2024-23576High7.12024-05-14Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized admini…
CVE-2021-27751Medium4.42022-05-06HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are st…
CVE-2021-27785Low3.92022-07-30HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perfor…