VYPR

Hcl Inotes

by HCL Software

CVEs (6)

  • CVE-2022-27558Aug 29, 2022
    risk 0.00cvss epss 0.00

    HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking.

  • CVE-2022-27547Aug 29, 2022
    risk 0.00cvss epss 0.00

    HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc.

  • CVE-2022-27546Aug 29, 2022
    risk 0.00cvss epss 0.01

    HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a…

  • CVE-2021-27760May 6, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote Code Execution on another chat client by sending a specially formatted message through chat containing Javascript code.

  • CVE-2020-14258Nov 21, 2020
    risk 0.00cvss epss 0.01

    HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the client. Versions 9, 10 and 11 are affected.

  • CVE-2020-4089Jun 26, 2020
    risk 0.00cvss epss 0.01

    HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and…