Vulnerabilities > Hcltech

DATE CVE VULNERABILITY TITLE RISK
2021-02-02 CVE-2020-4081 Cross-Site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5
In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS).
network
hcltech CWE-79
4.3
2021-02-02 CVE-2020-14255 Information Exposure vulnerability in Hcltech Digital Experience 9.5
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests.
network
low complexity
hcltech CWE-200
5.0
2021-02-02 CVE-2020-14221 Information Exposure vulnerability in Hcltech Digital Experience 8.5/9.0/9.5
HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.
network
low complexity
hcltech CWE-200
4.0
2020-12-28 CVE-2020-14273 Improper Input Validation vulnerability in Hcltech Domino 10.0.1/11.0.0/11.0.1
HCL Domino v10 and v11 is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API.
network
low complexity
hcltech CWE-20
5.0
2020-12-22 CVE-2020-14270 Information Exposure Through AN Error Message vulnerability in Hcltech Domino
HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input.
network
low complexity
hcltech CWE-209
5.0
2020-12-21 CVE-2020-14225 HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content.
network
hcltech hcltechsw
4.3
2020-12-18 CVE-2020-14271 Cross-Site Scripting vulnerability in Hcltech HCL Inotes 10.0.1/11.0.0/11.0.1
HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content.
network
hcltech CWE-79
4.3
2020-12-18 CVE-2020-14224 Out-Of-Bounds Write vulnerability in Hcltech Notes 9.0/9.0.1
A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow.
network
low complexity
hcltech CWE-787
critical
10.0
2020-12-18 CVE-2020-4080 Cross-Site Scripting vulnerability in Hcltech Domino
HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content.
network
hcltech CWE-79
4.3
2020-12-18 CVE-2020-14232 Unspecified vulnerability in Hcltech Notes 9.0/9.0.1
A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow.
network
low complexity
hcltech
critical
9.0