11.0.1

CVSS 5.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

hcltech

NVD

Published: 2022-05-06

Updated: 2022-07-29

Summary

An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote Code Execution on another chat client by sending a specially formatted message through chat containing Javascript code.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech HCL Inotes 11.0.1 Hcltech HCL Inotes 11.0.0	6

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097670