CVE-2024-30147 – “Oracle HCL Leap Client-Side Script Injection Vulnerability”

April 24, 2025

CVE ID : CVE-2024-30147

Published : April 24, 2025, 5:15 p.m. | 1 hour, 44 minutes ago

Description : Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-31324 – SAP NetWeaver Unauthenticated Remote Code Execution

Next Article CVE-2024-30113 – HCL Leap Cross-Site Scripting Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2024-30147 – “Oracle HCL Leap Client-Side Script Injection Vulnerability”

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

Meta’s Llama 4 ‘herd’ controversy and AI contamination, explained

Rilasciata Nobara 42: una nuova versione “rolling release”

CVE-2025-47966 – Power Automate Privilege Escalation Information Exposure

FormBook Returns: Exploiting CVE-2017-0199 via Malicious Excel Attachments in New Phishing Campaign

CVE-2025-5278 – “GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability”

CVE-2024-13915 – Ulefone and Krüger&Matz Android Smartphones Factory Reset Service Remote Code Execution Vulnerability

CVE-2025-4268 – TOTOLINK A720R Authentication Bypass Vulnerability

Node.js 24 Is Here: What You Need to Know

CVE-2024-30147 – “Oracle HCL Leap Client-Side Script Injection Vulnerability”

Related Posts