Hcltech Hcl_inotes

7 CVEs affecting Hcltech Hcl_inotes. Latest disclosed: 2022-08-29. Critical: 0, High: 1.

Top CVEs affecting Hcltech Hcl_inotes
CVESeverityScorePublishedSummary
CVE-2022-27546High8.32022-08-29HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POS…
CVE-2020-14225Medium6.52020-12-21HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vu…
CVE-2022-27547Medium6.12022-08-29HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive inf…
CVE-2020-14271Medium6.12020-12-18HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated…
CVE-2022-27558Medium5.92022-08-29HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could all…
CVE-2020-4126Medium5.92020-12-01HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting…
CVE-2021-27760Medium4.62022-05-06An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote Code Execut…