HCL Commerce

9.1.8-9.1.11

OTHER 1 CVE

9.1.0-9.1.8

OTHER 1 CVE

9.1.8 – 9.1.13.2

OTHER 1 CVE

9.0-9.0.1.17

OTHER 1 CVE

9.0.1, 9.1

OTHER 1 CVE

8.0-8.0.4.27

OTHER 1 CVE

CVE-2023-37532

HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system.

MEDIUM Oct 23, 2023

CVE-2022-38656

HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.

HIGH Nov 04, 2022

CVE-2021-27785

HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.

LOW Jul 29, 2022

CVE-2021-27751

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible.

MEDIUM May 06, 2022