VYPR
Unrated severityNVD Advisory· Published Dec 18, 2020· Updated Aug 4, 2024

CVE-2020-14271

CVE-2020-14271

Description

HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.