Unrated severityNVD Advisory· Published Dec 18, 2020· Updated Aug 4, 2024
CVE-2020-14271
CVE-2020-14271
Description
HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials.
Affected products
2- HCL/iNotesdescription
- Range: v9, v10, v11
Patches
Vulnerability mechanics
References
1- support.hcltechsw.com/csmmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.