Dfxanalytics

HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a robust Content Security Policy (CSP).

Published: 2026-05-06T10:27:08.190Z
Updated: 2026-05-06T12:04:16.597Z

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations.

Published: 2026-05-06T10:26:25.727Z
Updated: 2026-05-06T13:02:28.490Z

HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information.

Published: 2026-05-06T10:25:29.564Z
Updated: 2026-05-06T13:22:27.255Z

HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the application.

Published: 2026-05-06T10:24:54.696Z
Updated: 2026-05-06T14:05:59.667Z

HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri, which could allow an attacker to exploit injection vectors such as Cross-Site Scripting (XSS)

Published: 2026-05-06T10:22:41.866Z
Updated: 2026-05-07T13:09:17.233Z