HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hcltech hcl inotes 11.0.1 |
||
hcltech hcl inotes 10.0.1 |
||
hcltech hcl inotes 9.0.1 |
||
hcltech hcl inotes 10.0 |
||
hcltech hcl inotes 11.0 |
||
hcltech hcl inotes 12.0 |
||
hcltech hcl inotes 12.0.1 |
||
hcltech domino 10.0.1 |
||
hcltech domino 9.0.1 |
||
hcltech domino 11.0 |
||
hcltech domino 11.0.1 |
||
hcltech domino 9.0 |
||
hcltech domino 10.0 |
||
hcltech domino 12.0 |
||
hcltech domino 12.0.1 |