CVE-2026-21826

medium

Description

HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection. An attacker can manipulate the Host header and cause the application to behave in unexpected ways.

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130849

Details

Source: Mitre, NVD

Published: 2026-06-05

Updated: 2026-06-10

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N