Medium CVE-2026-21825 HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center.  An attacker could execute arbitrary JavaScript in the victim's browser. CVSS: 6.1 · CWE: CWE-79 View on NVD