Spoofing

2020-12-2118:15:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.6%

JSON

HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack.

CPENameOperatorVersion
hcl_inoteseq10.0.1 fixpack1
hcl_inoteseq10.0.1 fixpack2
hcl_inoteseq10.0.1 fixpack3
hcl_inoteseq10.0.1 fixpack4
hcl_inoteseq10.0.1
hcl_inoteseq11.0.0
hcl_inoteseq9.0.1 fixpack-9
hcl_inoteseq9.0.1 fixpack-8
hcl_inoteseq9.0.1 fixpack9interimfix1
hcl_inoteslt9.0.1

Name	Operator	Version
hcl_inotes	eq	10.0.1 fixpack1
hcl_inotes	eq	10.0.1 fixpack2
hcl_inotes	eq	10.0.1 fixpack3
hcl_inotes	eq	10.0.1 fixpack4
hcl_inotes	eq	10.0.1
hcl_inotes	eq	11.0.0
hcl_inotes	eq	9.0.1 fixpack-9
hcl_inotes	eq	9.0.1 fixpack-8
hcl_inotes	eq	9.0.1 fixpack9interimfix1
hcl_inotes	lt	9.0.1

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085915