Vulnerabilities > Hcltechsw > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-07-06 CVE-2022-27548 Insufficiently Protected Credentials vulnerability in Hcltechsw HCL Launch 7.0.5.10/7.1.2.6/7.2.2.1
HCL Launch stores user credentials in plain clear text which can be read by a local user.
local
low complexity
hcltechsw CWE-522
5.5
5.5
2022-07-06 CVE-2022-27549 Cleartext Storage of Sensitive Information vulnerability in Hcltechsw HCL Launch 7.0.5.10/7.1.2.6/7.2.2.1
HCL Launch may store certain data for recurring activities in a plain text format.
local
low complexity
hcltechsw CWE-312
5.5
5.5
2021-10-21 CVE-2021-27746 Cross-site Scripting vulnerability in Hcltechsw Connections 6.0
"HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability"
network
low complexity
hcltechsw CWE-79
5.4
5.4
2021-02-04 CVE-2020-14247 Insufficient Session Expiration vulnerability in Hcltechsw Onetest Performance 10.0.0/10.1.0/9.5.0
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.
network
low complexity
hcltechsw CWE-613
6.5
6.5
2020-12-21 CVE-2020-14225 HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content.
network
low complexity
hcltechsw hcltech
6.5
6.5
2020-07-15 CVE-2020-4100 Improper Control of Dynamically-Managed Code Resources vulnerability in Hcltechsw HCL Verse 11.0.4
"HCL Verse for Android was found to employ dynamic code loading.
local
low complexity
hcltechsw CWE-913
4.4
4.4