Lucene search
K

191 matches found

Cvelist
Cvelist
added 2025/04/30 9:15 p.m.37 views

CVE-2024-30145 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability

Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications...

6.5CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 9:14 p.m.7 views

CVE-2024-30115 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7.4AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/30 9:14 p.m.25 views

CVE-2024-30115 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS0.00196EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 9:14 p.m.60 views

CVE-2024-30115

CVE-2024-30115 affects HCL Leap (and related Domino Leap) with an insufficient sanitization policy that allows client-side script injection through the HTML widget. Concrete details across sources indicate an XSS risk, but the available documents do not specify affected versions or a confirmed ex...

6.3CVSS6.6AI score0.00196EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/30 9:7 p.m.18 views

CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...

4.6CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 9:7 p.m.52 views

CVE-2022-42450

CVE-2022-42450 concerns HCL Domino Volt. The issue is improper sanitization of SVG files in deployed Domino Volt applications, enabling client-side script injection (XSS) via SVG content. Documents specify CVSS base scores (NVD: 5.4/ MEDIUM; with UI:R, S:C, etc.; user interaction required) but do...

5.4CVSS5AI score0.00182EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/30 9:7 p.m.6 views

CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...

4.6CVSS7.4AI score0.00182EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.4 views

PT-2025-18337 · Hcl · Domino Leap +1

Name of the Vulnerable Software and Affected Versions: HCL Domino Volt and Domino Leap affected versions not specified Description: The issue allows client-side script injection in the authoring environment and deployed applications. This can be achieved through multiple vectors in HCL Domino Vol...

6.5CVSS6.3AI score0.0021EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.2 views

HCL Domino Volt和HCL Domino Leap 安全漏洞

HCL Domino Volt and HCL Domino Leap are both products of HCL India.HCL Domino Volt is a low-code application development solution based on the Domino platform.HCL Domino Leap is a cloud-based collaboration platform that modernizes traditional Domino applications. A security vulnerability exists i...

6.5CVSS6.7AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.4 views

PT-2025-18336 · Hcl · Hcl Leap

Name of the Vulnerable Software and Affected Versions: HCL Leap affected versions not specified Description: The issue is related to an insufficient sanitization policy, which allows client-side script injection in the deployed application. This can be achieved through the HTML widget...

6.3CVSS6.1AI score0.00196EPSS
Exploits0References5
OSV
OSV
added 2025/04/29 2:38 p.m.8 views

GHSA-2F8P-QQX2-GWR2 YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting

Summary Reflected XSS has been detected in the file upload form. Vulnerability can be exploited without authentication This Proof of Concept has been performed using the followings: - YesWiki v4.5.3 doryphore-dev branch - Docker environnment docker/docker-compose.yml Vulnerable code The...

7.6CVSS6.2AI score0.00582EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/04/26 5:1 p.m.17 views

CVE-2024-30113

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7AI score0.00243EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/24 8:38 p.m.19 views

CVE-2022-44759 HCL Leap is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications...

4.6CVSS0.00182EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/24 8:38 p.m.6 views

CVE-2022-44759 HCL Leap is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications...

4.6CVSS7.5AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 8:38 p.m.51 views

CVE-2022-44759

CVE-2022-44759 concerns an issue in HCL Leap where improper sanitization of SVG files enables client-side script injection in deployed applications. The core detail across sources is that SVG content is not adequately cleaned, creating an XSS-like vulnerability in affected HCL Leap deployments. S...

5.4CVSS5AI score0.00182EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/04/24 5:15 p.m.6 views

CVE-2024-30147

Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications...

6.1CVSS5.8AI score0.0021EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 5:15 p.m.13 views

CVE-2024-30114

Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment...

5.4CVSS0.00193EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 5:15 p.m.24 views

CVE-2024-30113

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/24 4:23 p.m.10 views

CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7.4AI score0.00243EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:23 p.m.53 views

CVE-2024-30113

The CVE-2024-30113 issue affects HCL Leap, specifically the HTML widget, where insufficient sanitization policy enables client-side script injection. The problem is described across multiple connected records as an XSS risk in HCL Leap’s deployment, without explicit exploitation details provided....

6.3CVSS7.2AI score0.00243EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder