Search
Search Results (24 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4082 | 1 Hcltech | 1 Connections | 2024-11-21 | 5.4 Medium |
| The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. | ||||
| CVE-2019-4209 | 1 Hcltech | 1 Connections | 2024-11-21 | 6.1 Medium |
| HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks. | ||||
| CVE-2024-30106 | 1 Hcltech | 1 Connections | 2024-11-08 | 3.5 Low |
| HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data. | ||||
| CVE-2024-30118 | 1 Hcltech | 1 Connections | 2024-10-10 | 3.5 Low |
| HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data. | ||||