Every CVE whose affected-product data names Hcltech Hcl Inotes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-27546 — CVSS 8.3 (high): HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input…
CVE-2020-14225 — CVSS 6.5 (medium): HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated…
CVE-2020-14271 — CVSS 6.1 (medium): HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content…
CVE-2022-27547 — CVSS 6.1 (medium): HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into…
CVE-2022-27558 — CVSS 5.9 (medium): HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes…
CVE-2020-4126 — CVSS 5.9 (medium): HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the…
CVE-2021-27760 — CVSS 4.6 (medium): An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could…