Hclsoftware Digital Experience vulnerabilities
2 known vulnerabilities affecting hclsoftware/digital_experience.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-21837P2HIGHCVSS 8.8v9.52026-06-05
CVE-2026-21837 [HIGH] CWE-78 CVE-2026-21837: HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Man
HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacker may execute arbitrary operating system commands, typically inheriting the privileges of the vulnerable application, which could possibly lead to a complete system takeover and data compromise.
nvd
CVE-2025-62326P4MEDIUMCVSS 4.8v9.52026-02-20
CVE-2025-62326 [MEDIUM] CWE-79 CVE-2025-62326: HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative use
HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative user interface which would require elevated privileges to exploit.
nvd