CVSS 3.1 Score 9.3 of 10 (high)


Published Oct 11, 2023
Updated: Oct 18, 2023


CVE-2023-37538 is a vulnerability affecting HCL Digital Experience. This vulnerability is categorized as cross-site scripting (XSS) and specifically, reflected XSS. To exploit this vulnerability, an attacker needs to trick a user into clicking on a malicious URL delivered through email or another website. The affected products include 'fkdgh4', 'fkdgh3', and 'fkdgh2'. The base severity of this vulnerability is classified as CRITICAL, with a base score of 9.3. The impact includes high confidentiality and integrity impacts. No privileges are required for exploitation, but user interaction is necessary. The attack vector is through the network, and the availability impact is none. It is recommended to patch or update the affected products to remediate this vulnerability.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-37538 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options