5 matches found
CVE-2026-9007
CVE-2026-9007 is a reflected cross-site scripting (XSS) vulnerability in HCL Notes from HCL Software. The issue stems from improper neutralization of input during web page generation, allowing an attacker to execute arbitrary JavaScript in the context of another user. Affected product/version: HC...
CVE-2025-59873
An information exposure vulnerability exists in Vulnerability in HCL Software ZIE for Web. The application transmits sensitive session tokens and authentication identifiers within the URL query parameters . An attacker who gains access to any network log or operates a site linked from the...
CVE-2025-59873
An information exposure vulnerability exists in Vulnerability in HCL Software ZIE for Web. The application transmits sensitive session tokens and authentication identifiers within the URL query parameters . An attacker who gains access to any network log or operates a site linked from the...
HCL Software ZIE for Web 安全漏洞
HCL Software ZIE for Web is a terminal emulation software developed by the Indian company HCL. Version HCL Software ZIE for Web v16 contains a security vulnerability. This vulnerability stems from the application transmitting sensitive session tokens and authentication identifiers through URL que...
CVE-2025-31964 HCL BigFix IVR is impacted by an improper service binding configuration
Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface...