{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T13:48:31.360","vulnerabilities":[{"cve":{"id":"CVE-2023-37529","sourceIdentifier":"psirt@hcl.com","published":"2024-02-29T01:40:04.583","lastModified":"2025-06-03T19:15:33.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a webpage trying to retrieve cookie stored information.  This is not the same vulnerability as identified in CVE-2023-37530.\n"},{"lang":"es","value":"Una vulnerabilidad de cross-site scripting (XSS) en el componente Web Reports de HCL BigFix Platform posiblemente pueda permitir que un atacante ejecute código javascript malicioso en una página web intentando recuperar información almacenada en cookies. Esta no es la misma vulnerabilidad identificada en CVE-2023-37530."}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N","baseScore":3.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"9.5","versionEndExcluding":"9.5.24","matchCriteriaId":"C8477E2A-0466-4415-9420-9D1183AF9FA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.0.11","matchCriteriaId":"35E5DFF7-4361-4A0C-A028-38FBF2A779F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:bigfix_platform:11.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C54B20CA-80AF-4E7E-A511-C208E81FB37E"}]}]}],"references":[{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209","source":"psirt@hcl.com","tags":["Vendor Advisory"]},{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}