Hcltech: >> Hcl Leap >> 9.3.7 Security Vulnerabilities
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
CVSS Score
3.2
EPSS Score
0.0
Published
2025-04-24
Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-24
Improper access control of endpoint in HCL Leap
allows certain admin users to import applications from the
server's filesystem.
CVSS Score
4.1
EPSS Score
0.0
Published
2025-04-24