Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4085 | 1 Hcltech | 1 Connections | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| "HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user." | |||||
| CVE-2019-4209 | 1 Hcltech | 1 Connections | 2020-05-05 | 5.8 MEDIUM | 6.1 MEDIUM |
| HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks. | |||||
| CVE-2020-4084 | 1 Hcltech | 1 Connections | 2020-03-10 | 3.5 LOW | 5.4 MEDIUM |
| HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2020-4082 | 1 Hcltech | 1 Connections | 2020-03-06 | 3.5 LOW | 5.4 MEDIUM |
| The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. | |||||
| CVE-2020-4083 | 1 Hcltech | 1 Connections | 2020-03-06 | 2.1 LOW | 5.5 MEDIUM |
| HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user. | |||||