CVE-2024-30113

6.3 MEDIUM

📋 TL;DR

This vulnerability in HCL Leap allows attackers to inject malicious scripts into web applications through the HTML widget. It affects organizations using HCL Leap for application development and deployment. Successful exploitation could lead to client-side attacks against application users.

💻 Affected Systems

Products:
  • HCL Leap
Versions: All versions prior to HCL Leap V12.0.0.1
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects applications using the HTML widget component in HCL Leap deployments.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal user session cookies, credentials, or sensitive data, perform actions on behalf of authenticated users, or redirect users to malicious sites.

🟠 Likely Case

Cross-site scripting attacks leading to session hijacking, credential theft, or defacement of application interfaces.

🟢 If Mitigated

Limited impact with proper input validation and output encoding, though the vulnerability still exists at the framework level.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires the ability to inject scripts into HTML widget inputs, which typically requires some level of application access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: HCL Leap V12.0.0.1

Vendor Advisory: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119900

Restart Required: Yes

Instructions:

1. Download HCL Leap V12.0.0.1 from the HCL support portal.
2. Back up the current installation and data.
3. Apply the update following the HCL Leap upgrade procedures.
4. Restart the Leap server and all affected applications.

🔧 Temporary Workarounds

Input Validation Enhancement (all)

Implement additional input validation and output encoding for HTML widget inputs.

Content Security Policy (all)

Implement strict Content Security Policy headers to limit script execution.
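The two workarounds above, output encoding and a strict CSP, as an added illustration in Python. This is not HCL Leap code and does not use any Leap API; the widget markup, the sample input, and the helper names are constructed for the example. It shows the unsafe reflection pattern beside the encoded form, and builds a nonce-based CSP header that refuses inline script and event handlers:

```python
import html

# Constructed sample input for an HTML widget field (illustrative only).
SAMPLE_INPUT = '<b>Hello</b> <script>alert(1)</script>'


def render_widget_unsafe(user_value: str) -> str:
    """Interpolates the value into markup verbatim.

    This is the pattern to avoid: any markup in user_value is handed to the
    browser as live HTML, which is what an HTML-widget XSS relies on.
    """
    return f'<div class="widget">{user_value}</div>'


def render_widget_safe(user_value: str) -> str:
    """Output-encodes the value for an HTML text context before interpolating.

    html.escape turns <, >, &, " and ' into entities, so the browser renders the
    value as text. Note the encoding is context-specific: a value placed inside
    an attribute, a URL, or a <script> block needs that context's encoder instead.
    """
    return f'<div class="widget">{html.escape(user_value, quote=True)}</div>'


def build_csp_header(nonce: str) -> str:
    """Builds a strict Content-Security-Policy value for one response.

    Scripts may load only from the application's own origin or carry the
    per-response nonce; 'unsafe-inline' is deliberately absent, so injected
    <script> blocks and onerror=/onload= handlers are not executed.
    The nonce must be freshly random for every response (assumption: caller
    generates it, e.g. with secrets.token_urlsafe).
    """
    directives = [
        "default-src 'self'",
        f"script-src 'self' 'nonce-{nonce}'",
        "object-src 'none'",
        "base-uri 'self'",
        "frame-ancestors 'none'",
    ]
    return "; ".join(directives)


if __name__ == "__main__":
    print(render_widget_unsafe(SAMPLE_INPUT))
    print(render_widget_safe(SAMPLE_INPUT))
    print("Content-Security-Policy:", build_csp_header("example-nonce"))
```

If the widget must intentionally render a subset of markup (bold, links, lists), full escaping is too blunt; the encoding step then becomes an allowlist sanitizer that keeps only known-safe tags and attributes, and the CSP stays as the second layer for anything the sanitizer misses.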

🧯 If You Can't Patch

  • Implement web application firewall rules to detect and block XSS payloads
  • Disable or restrict HTML widget usage in critical applications

🔍 How to Verify

Check if Vulnerable:

Check HCL Leap version in administration console or via system properties. Versions below V12.0.0.1 are vulnerable.

Check Version:

Check Leap version in administration console under System Information

Verify Fix Applied:

Verify version is V12.0.0.1 or higher in administration console and test HTML widget functionality.
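A small helper for the version check above, added here as an example rather than taken from the advisory or from HCL. It compares the version string numerically against V12.0.0.1 (the fix level stated on this page), so that a three-part string like V12.0.0 is correctly treated as below the fix and V9.x is not mistakenly ranked above V12 by string comparison. The accepted input formats are an assumption; only the fix version comes from the page:

```python
import re
from typing import Optional, Tuple

# Fix level from the advisory: versions below this are affected.
FIXED_VERSION = "V12.0.0.1"


def parse_leap_version(text: str) -> Optional[Tuple[int, ...]]:
    """Extracts a dotted version from strings such as 'V12.0.0.1', '12.0.0'
    or 'HCL Leap 12.0.0.1' and returns it as a 4-part integer tuple.

    Missing trailing components are padded with 0, so '12.0.0' becomes
    (12, 0, 0, 0) and compares below (12, 0, 0, 1). Returns None when no
    version number is present.
    """
    match = re.search(r"(\d+(?:\.\d+)*)", text)
    if match is None:
        return None
    parts = tuple(int(p) for p in match.group(1).split("."))
    if len(parts) < 4:
        parts = parts + (0,) * (4 - len(parts))
    return parts[:4]


def is_vulnerable(version_text: str) -> Optional[bool]:
    """True if the reported version is below the fix level, False if at or
    above it, None if the string could not be parsed (treat as 'verify manually')."""
    found = parse_leap_version(version_text)
    if found is None:
        return None
    return found < parse_leap_version(FIXED_VERSION)


if __name__ == "__main__":
    for sample in ("V12.0.0.1", "V12.0.0", "HCL Leap 9.3.1", "unknown"):
        print(f"{sample!r}: vulnerable={is_vulnerable(sample)}")
```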

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTML content in widget inputs
  • Script tags or JavaScript in HTML widget submissions

Network Indicators:

  • HTTP requests containing script injection patterns to Leap endpoints

SIEM Query:

source="leap-logs" AND ("<script" OR "javascript:" OR "onerror=" OR "onload=")
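The same markers as the SIEM query above, run over a few constructed log lines in Python so the matching logic can be tested offline. This is an added example, not HCL Leap logging output; the line format, field names (`widget=`, `user=`) and sample entries are all assumptions made for the illustration. Two points it adds to the raw query: the match is case-insensitive, so `<SCRIPT` and `OnError=` are caught, and the hits can be narrowed to the HTML widget, which drops the false positive from a text field whose value merely contains the word `onload=`:

```python
import re
from typing import Dict, Iterable, List

# The four markers from the page's SIEM query, matched case-insensitively.
XSS_MARKERS = re.compile(r"(<script|javascript:|onerror=|onload=)", re.IGNORECASE)

# key=value fields assumed to be present in the log line (assumption, not a Leap format).
FIELD = re.compile(r"\b(widget|user)=(\S+)")

# Constructed sample log lines; not real HCL Leap output.
SAMPLE_LOGS = [
    '2024-05-01T10:00:01Z leap-app INFO widget=html user=alice value="<p>Quarterly update</p>"',
    '2024-05-01T10:00:05Z leap-app INFO widget=html user=bob value="<SCRIPT>document.title=1</SCRIPT>"',
    '2024-05-01T10:00:09Z leap-app INFO widget=html user=carol value="<img src=x OnError=alert(1)>"',
    '2024-05-01T10:00:12Z leap-app INFO widget=text user=dave value="onload=true is a setting name"',
    '2024-05-01T10:00:15Z leap-app INFO widget=html user=erin value="<a href=\'javascript:void(0)\'>x</a>"',
]


def find_xss_indicators(lines: Iterable[str], html_widget_only: bool = False) -> List[Dict[str, str]]:
    """Returns one record per line containing an XSS marker.

    With html_widget_only=True, lines from widgets other than the HTML widget
    are skipped, which is the tuning step that removes the 'dave' false positive
    in the sample while keeping the three HTML-widget submissions.
    """
    hits: List[Dict[str, str]] = []
    for line in lines:
        fields = dict(FIELD.findall(line))
        if html_widget_only and fields.get("widget") != "html":
            continue
        match = XSS_MARKERS.search(line)
        if match is None:
            continue
        hits.append({
            "user": fields.get("user", "?"),
            "widget": fields.get("widget", "?"),
            "marker": match.group(1).lower(),
        })
    return hits


if __name__ == "__main__":
    for hit in find_xss_indicators(SAMPLE_LOGS, html_widget_only=True):
        print(f"ALERT user={hit['user']} widget={hit['widget']} marker={hit['marker']}")
```

The marker list is deliberately the page's own; in a real deployment it should be treated as a starting point, since a literal substring search misses encoded or split variants, and the widget filter is only reliable if the logging pipeline records which widget produced each submission.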

🔗 References
