Hcltech Connections

22 CVEs affecting Hcltech Connections. Latest disclosed: 2026-03-19. Critical: 0, High: 0.

Top CVEs affecting Hcltech Connections
CVESeverityScorePublishedSummary
CVE-2020-4085Medium6.52020-04-22"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user."
CVE-2019-4209Medium6.12020-05-01HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks.
CVE-2023-28018Medium5.52024-02-12HCL Connections is vulnerable to a denial of service, caused by improper validation on certain requests. Using a specially-crafted request an attacker could ex…
CVE-2020-4083Medium5.52020-03-05HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user.
CVE-2026-21788Medium5.42026-03-19HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an…
CVE-2024-30112Medium5.42024-06-25HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an…
CVE-2023-28017Medium5.42023-12-07HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an…
CVE-2023-37533Medium5.42023-11-09HCL Connections is vulnerable to reflected cross-site scripting (XSS) where an attacker may leverage these issues to execute arbitrary script code in the brows…
CVE-2020-4084Medium5.42020-03-09HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t…
CVE-2020-4082Medium5.42020-03-05The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploi…
CVE-2025-31961Low3.72025-08-15HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVE-2024-42188Low3.72024-11-14HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.
CVE-2025-52603Low3.52026-02-20HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information wh…
CVE-2025-52639Low3.52025-11-18HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitle…
CVE-2024-42209Low3.52025-07-17HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, whic…
CVE-2024-42208Low3.52025-04-04HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, cau…
CVE-2024-30106Low3.52024-10-28HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain…
CVE-2024-30118Low3.52024-10-09HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to beca…
CVE-2023-37541Low3.52024-06-25HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVE-2024-30107Low3.52024-04-18HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.