📦 Unica
by Hcltech
🔍 What is Unica?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This CSV formula injection vulnerability in HCL Unica 12.0.0 allows attackers to execute arbitrary formulas when CSV files are opened in spreadsheet applications like Microsoft Excel. Attackers can po...
A persistent cross-site scripting (XSS) vulnerability in Unica Campaign allows attackers to inject malicious scripts into a specific field. When users view this field, the script executes in their bro...
This vulnerability allows authenticated attackers with specific permissions to perform XML External Entity (XXE) attacks against Unica applications by submitting malicious XML to exposed APIs. Success...
This CVE describes a persistent cross-site scripting (XSS) vulnerability in a specific field of the Unica Platform. An attacker can inject malicious scripts that execute in other users' browsers, pote...
CVE-2021-27777 is an XML External Entity (XXE) injection vulnerability in HCL Domino that allows attackers to read arbitrary files from the server filesystem. This affects HCL Domino servers with vuln...
A Cross-Site Request Forgery (CSRF) vulnerability in HCL Unica 12.0.0 allows attackers to trick authenticated users into performing unintended actions by submitting malicious requests. This affects ad...
A cross-site scripting (XSS) vulnerability in HCL Unica 12.0.0 allows attackers to inject malicious scripts into web pages viewed by other users. This affects organizations using HCL Unica 12.0.0 for ...
This CVE describes a file upload vulnerability in HCL Unica 12.0.0 that allows attackers to upload malicious files to the server. The vulnerability affects organizations using HCL Unica 12.0.0 and cou...
HCL Unica Platform has improper access controls that leave files unprotected, potentially exposing sensitive system or private information. Attackers could exploit this to gather intelligence for furt...
HCL Unica Platform has a misconfigured Content Security Policy (CSP) that could allow attackers to load malicious resources in users' browsers. This could lead to cross-site scripting (XSS) or clickja...
HCL Unica 12.1.10 exposes sensitive system information that could help attackers plan targeted attacks. This affects organizations using HCL Unica 12.1.10 where the vulnerability hasn't been patched....