CVE-2021-27788 (verse)

HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. By tricking a user into clicking a crafted URL, a remote unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.

browser clicking cookies cross site scripting cve hcl information operations script scripting sensitive information session steal tokens url victim vulnerability web web browser xss