CVE-2025-31988

Description

HCL Digital Experience is susceptible to cross site scripting (XSS) in an administrative UI with restricted access.

CVSS breakdown

Affected products

• HCL Software / Digital Experience8.5, 9.0, 9.5 – 8.5, 9.0, 9.5

References

• MISChttps://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123435