Vulnerabilities > CVE-2020-14225

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hcltechsw

hcltech

NVD

Published: 2020-12-21

Updated: 2020-12-23

Summary

HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack.

Vulnerable Configurations

Part	Description	Count
Application	Hcltechsw Hcltechsw HCL Inotes 9.0.1 Hcltechsw HCL Inotes *	4
Application	Hcltech Hcltech HCL Inotes 10.0.1 Hcltech HCL Inotes 11.0.0	6

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085915

Vulnerabilities > CVE-2020-14225 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-14225"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-14225