Unrated severityNVD Advisory· Published Mar 19, 2026· Updated Mar 19, 2026
HCL Connections is vulnerable to cross-site scripting (XSS)
CVE-2026-21788
Description
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code. This may allow the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.
Affected products
2- HCLSoftware/Connectionsv5Range: 8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
50- Announcing Claude Managed Agents on CloudflareCloudflare Blog · May 19, 2026
- Facebook scam promises cheap Aldi meat boxes, steals payment info insteadMalwarebytes Labs · May 19, 2026
- New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chainHelp Net Security · May 19, 2026
- The New Phishing Click: How OAuth Consent Bypasses MFAThe Hacker News · May 19, 2026
- 5 Steps to Managing Shadow AI Tools Without Slowing Down EmployeesBleepingComputer · May 18, 2026
- Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploitedHelp Net Security · May 17, 2026
- Living Off the Pipeline: Defending Against CI/CD SubversionSentinelOne Labs · May 15, 2026
- Bypassing On-Camera Age-Verification ChecksSchneier on Security · May 15, 2026
- Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026SecurityWeek · May 15, 2026
- Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)Tenable Blog · May 15, 2026
- Cisco warns of new critical SD-WAN flaw exploited in zero-day attacksBleepingComputer · May 14, 2026
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin AccessThe Hacker News · May 14, 2026
- Google Launches Android Spyware Forensics Tool for High-Risk UsersInfosecurity Magazine · May 14, 2026
- Kimsuky targets organizations with PebbleDash-based toolsSecurelist · May 14, 2026
- Why Malwarebytes blocks some Yahoo Mail redirectsMalwarebytes Labs · May 14, 2026
- Vector embedding security gap exposes enterprise AI pipelinesHelp Net Security · May 14, 2026
- When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain CompromiseRapid7 Blog · May 13, 2026
- Browser Run: now running on Cloudflare Containers, it’s faster and more scalableCloudflare Blog · May 13, 2026
- Securing data centers in the agentic AI eraTenable Blog · May 13, 2026
- Microsoft says some users can't install Office on Windows 365 devicesBleepingComputer · May 13, 2026
- Android Adds Intrusion Logging for Sophisticated Spyware ForensicsThe Hacker News · May 13, 2026
- Researchers open-source a Wi-Fi cyber range for security trainingHelp Net Security · May 13, 2026
- Android 17 to expand banking scam call and privacy protectionsBleepingComputer · May 12, 2026
- Fake Claude search results lure Mac users into ClickFix attackMalwarebytes Labs · May 12, 2026
- When "idle" isn't idle: how a Linux kernel optimization became a QUIC bugCloudflare Blog · May 12, 2026
- New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network PivotsThe Hacker News · May 12, 2026
- JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413)Help Net Security · May 12, 2026
- 20 Leaders Who Built the CISO Era: 2 Decades of ChangeDark Reading · May 12, 2026
- Malicious Hugging Face Repository Typosquats OpenAIInfosecurity Magazine · May 12, 2026
- State of ransomware in 2026Securelist · May 12, 2026
- Yarbo responds to robot flaws that could mow down their ownersMalwarebytes Labs · May 11, 2026
- ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and MoreThe Hacker News · May 11, 2026
- Cline Kanban Flaw Lets Websites Hijack AI Coding AgentsInfosecurity Magazine · May 7, 2026
- How Cloudflare responded to the “Copy Fail” Linux vulnerabilityCloudflare Blog · May 7, 2026
- Open-source MCP server monitoring for Python appsHelp Net Security · May 7, 2026
- Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code ExecutionUnit 42 · May 7, 2026
- New Cisco DoS flaw requires manual reboot to revive devicesBleepingComputer · May 6, 2026
- Google Chrome’s silent 4GB AI download problem [updated]Malwarebytes Labs · May 6, 2026
- CISA Urges Critical Infrastructure Providers to Make Plans to Remain Operational if hit by Cyber-AttackInfosecurity Magazine · May 6, 2026
- CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber ConflictSecurityWeek · May 6, 2026
- Insights into the clustering and reuse of phone numbers in scam emailsCisco Talos Intelligence · May 6, 2026
- Conti ransomware gang member sentenced to 102 months in prisonHelp Net Security · May 5, 2026
- VIAVI CyberFlood CF1000 pushes 400G validation for multi-terabit AI data centersHelp Net Security · May 5, 2026
- Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prisonBleepingComputer · May 5, 2026
- UAT-8302 and its box full of malwareCisco Talos Intelligence · May 5, 2026
- CloudZ RAT potentially steals OTP messages using Pheno pluginCisco Talos Intelligence · May 5, 2026
- ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & MoreThe Hacker News · May 4, 2026
- Owl IRD enables one-way forensic data transfer for incident response teamsHelp Net Security · May 4, 2026
- Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for monthsHelp Net Security · May 3, 2026
- The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1)Unit 42 · May 2, 2026