CVE-2026-21825 in DX Composeinfo

Summary

by MITRE • 06/05/2026

HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center. An attacker could execute arbitrary JavaScript in the victim's browser.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

HCL

Reservation

01/05/2026

Disclosure

06/05/2026

Moderation

accepted

Entry

VDB-368869

CPE

ready

CWE

CWE-79 (confirmed)

CVSS

6.1 (CNA)

EPSS

0.00000

KEV

Activities

low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-21825
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-21825
CVE Details	https://www.cvedetails.com/cve/CVE-2026-21825/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!