Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-21 | CVE-2020-14263 | Incorrect Permission Assignment for Critical Resource vulnerability in Hcltech Traveler Companion "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" | 3.9 |
| 2021-02-02 | CVE-2020-4081 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). | 6.1 |
| 2021-02-02 | CVE-2020-14255 | Unspecified vulnerability in Hcltech Digital Experience 9.5 HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. | 7.5 |
| 2021-02-02 | CVE-2020-14221 | Unspecified vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. | 4.9 |
| 2020-12-28 | CVE-2020-14273 | Improper Input Validation vulnerability in Hcltech Domino 10.0.1/11.0.0/11.0.1 HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. | 7.5 |
| 2020-12-22 | CVE-2020-14270 | Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. | 5.3 |
| 2020-12-21 | CVE-2020-14225 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. | 6.5 |
| 2020-12-18 | CVE-2020-14271 | Cross-site Scripting vulnerability in Hcltech HCL Inotes HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-14224 | Out-of-bounds Write vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-18 | CVE-2020-4080 | Cross-site Scripting vulnerability in Hcltech Domino HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |