A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform exists due to missing a specific http header attribute.
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209