CVE-2023-37534 – HCL Leap URI Protocol Whitelist Bypass Vulnerability

April 24, 2025

CVE ID : CVE-2023-37534

Published : April 24, 2025, 5:15 p.m. | 1 hour, 44 minutes ago

Description : Insufficient URI protocol whitelist in HCL Leap
allows script injection through query parameters.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-45720 – HCL Leap Directory Information Information Disclosure

Next Article CVE-2025-46538 – Webplanetsoft Inline Text Popup Cross-site Scripting Vulnerability

Highlights

CVE-2025-6492 – MarkText Regular Expression Complexity Remote Vulnerability

June 22, 2025

CVE ID : CVE-2025-6492

Published : June 22, 2025, 8:15 p.m. | 4 hours, 39 minutes ago

Description : A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Enhancing Laravel Queries with Reusable Scope Patterns

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

Everything We Know About Livewire 4

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2023-37534 – HCL Leap URI Protocol Whitelist Bypass Vulnerability

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

Agent Management Interface Patterns

CVE-2025-49630 – Apache HTTP Server mod_proxy_http2 Denial of Service Vulnerability

Flowbite launches a new Design System

Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot

CVE-2025-6492 – MarkText Regular Expression Complexity Remote Vulnerability

Test Driven Development in Agile Framework

tap v0.5.1 – audio player for the terminal

CVE-2025-32983 – NETSCOUT nGeniusONE Information Disclosure Vulnerability

CVE-2023-37534 – HCL Leap URI Protocol Whitelist Bypass Vulnerability

Related Posts