Vulnerabilities > Hcltech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2020-4081 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). | 6.1 |
| 2021-02-02 | CVE-2020-14221 | Unspecified vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. | 4.9 |
| 2020-12-22 | CVE-2020-14270 | Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. | 5.3 |
| 2020-12-21 | CVE-2020-14225 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. | 6.5 |
| 2020-12-18 | CVE-2020-14271 | Cross-site Scripting vulnerability in Hcltech HCL Inotes HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-4080 | Cross-site Scripting vulnerability in Hcltech Domino HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-16 | CVE-2020-14248 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Bigfix Platform BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | 5.3 |
| 2020-12-02 | CVE-2020-4102 | Classic Buffer Overflow vulnerability in Hcltech Notes HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. | 6.7 |
| 2020-12-01 | CVE-2020-4128 | Unspecified vulnerability in Hcltech Domino HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. | 5.3 |
| 2020-12-01 | CVE-2020-4129 | Unspecified vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. | 5.3 |