Vulnerabilities > Hcltech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-18 | CVE-2020-14271 | Cross-site Scripting vulnerability in Hcltech HCL Inotes HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-4080 | Cross-site Scripting vulnerability in Hcltech Domino HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-16 | CVE-2020-14248 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Bigfix Platform BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | 5.3 |
| 2020-12-02 | CVE-2020-4102 | Classic Buffer Overflow vulnerability in Hcltech Notes HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. | 6.7 |
| 2020-12-01 | CVE-2020-4128 | Unspecified vulnerability in Hcltech Domino HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. | 5.3 |
| 2020-12-01 | CVE-2020-4129 | Unspecified vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. | 5.3 |
| 2020-12-01 | CVE-2020-4126 | Missing Encryption of Sensitive Data vulnerability in Hcltech HCL Inotes HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. | 5.9 |
| 2020-11-30 | CVE-2020-4127 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a Login CSRF vulnerability. | 6.5 |
| 2020-11-05 | CVE-2020-4097 | Classic Buffer Overflow vulnerability in Hcltech Notes In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1, a vulnerability in the input parameter handling of the Notes Client could potentially be exploited by an attacker resulting in a buffer overflow. | 6.8 |
| 2020-11-05 | CVE-2020-14240 | Cross-site Scripting vulnerability in Hcltech Notes HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to a Stored Cross-site Scripting (XSS) vulnerability. | 6.1 |