Hcltech Hcl_inotes
7 CVEs affecting Hcltech Hcl_inotes. Latest disclosed: 2022-08-29. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-27546 | High | 8.3 | 2022-08-29 | HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POS… |
CVE-2020-14225 | Medium | 6.5 | 2020-12-21 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vu… |
CVE-2022-27547 | Medium | 6.1 | 2022-08-29 | HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive inf… |
CVE-2020-14271 | Medium | 6.1 | 2020-12-18 | HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated… |
CVE-2022-27558 | Medium | 5.9 | 2022-08-29 | HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could all… |
CVE-2020-4126 | Medium | 5.9 | 2020-12-01 | HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting… |
CVE-2021-27760 | Medium | 4.6 | 2022-05-06 | An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote Code Execut… |