HIGH🇬🇧 English

CVE-2024-42210

CVSS 7.6v3.1pub. 2026-03-19upd. 2026-03-23

A Stored cross-site scripting (XSS) vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower.  Stored cross-site scripting (also known as second-order or persistent XSS) arises when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
  • Hcltech Unica

    APP
    Hcltech
    < 12.1.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2025-62319CRITICAL9.8PL ✓ten sam produkt

Boolean-Based SQL Injection umożliwiający wstrzyknięcie dowolnego SQL

CVE-2025-51735HIGH7.5ten sam produkt

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.

CVE-2023-37498HIGH8.1ten sam produkt

A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administ...

CVE-2023-37500HIGH8.1ten sam produkt

A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform.  ...

CVE-2023-37499HIGH8.1ten sam produkt

A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platf...

CVE-2024-42210 — HIGH 7.6 | CVEbaza.pl