Vulnerabilities > Hcltech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-06 | CVE-2021-27758 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Inventory There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account. | 6.5 |
| 2022-05-06 | CVE-2021-27759 | Insufficient Verification of Data Authenticity vulnerability in Hcltech Bigfix Inventory This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. | 6.5 |
| 2022-05-06 | CVE-2021-27760 | Unspecified vulnerability in Hcltech HCL Inotes 11.0.0/11.0.1 An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. | 5.5 |
| 2022-05-06 | CVE-2021-27764 | Incorrect Permission Assignment for Critical Resource vulnerability in Hcltech Bigfix Webui Cookie without HTTPONLY flag set. | 6.5 |
| 2022-02-21 | CVE-2021-27753 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android PathTraversal Vulnerability" | 5.5 |
| 2022-02-21 | CVE-2021-27755 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android potential path traversal vulnerability when using File class" | 5.5 |
| 2021-02-02 | CVE-2020-4081 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). | 6.1 |
| 2021-02-02 | CVE-2020-14221 | Unspecified vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. | 4.9 |
| 2020-12-22 | CVE-2020-14270 | Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. | 5.3 |
| 2020-12-21 | CVE-2020-14225 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. | 6.5 |