Verse For Android
by HCL Software
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-21768 | 0.00 | — | 0.00 | Jun 19, 2026 | The compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations. | |||
| CVE-2020-4099 | 0.00 | — | 0.00 | Nov 1, 2022 | The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app. | |||
| CVE-2021-27768 | 0.00 | — | 0.00 | May 12, 2022 | Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in… | |||
| CVE-2020-4100 | 0.00 | — | 0.00 | Jul 15, 2020 | "HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded… |
- CVE-2026-21768Jun 19, 2026risk 0.00cvss —epss 0.00
The compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations.
- CVE-2020-4099Nov 1, 2022risk 0.00cvss —epss 0.00
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.
- CVE-2021-27768May 12, 2022risk 0.00cvss —epss 0.00
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in…
- CVE-2020-4100Jul 15, 2020risk 0.00cvss —epss 0.00
"HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded…