CVE-2025-0248

HCL iNotes is susceptible to a Reflected Cross-site Scripting XSS vulnerability caused by improper validation of user-supplied input. A remote, unauthenticated attacker can specially craft a URL to execute script in a victim's Web browser within the security context of the hosting Web site and/or...

EUVD-2025-199603

HCL iNotes is susceptible to a Reflected Cross-site Scripting XSS vulnerability caused by improper validation of user-supplied input. A remote, unauthenticated attacker can specially craft a URL to execute script in a victim's Web browser within the security context of the hosting Web site and/or...

CVE-2025-0248

HCL iNotes is susceptible to a Reflected Cross-site Scripting XSS vulnerability caused by improper validation of user-supplied input. A remote, unauthenticated attacker can specially craft a URL to execute script in a victim's Web browser within the security context of the hosting Web site and/or...

CVE-2025-0248 HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability,

HCL iNotes is susceptible to a Reflected Cross-site Scripting XSS vulnerability caused by improper validation of user-supplied input. A remote, unauthenticated attacker can specially craft a URL to execute script in a victim's Web browser within the security context of the hosting Web site and/or...

CVE-2025-0248

CVE-2025-0248 concerns HCL iNotes and is described across Red Hat, ENISA EUVD, NVD, and CVE lists as a Reflected Cross-site Scripting (XSS) vulnerability due to improper validation of user-supplied input. The attack requires no authentication and can be triggered by a specially crafted URL, enabl...

CVE-2025-0248 HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability,

HCL iNotes is susceptible to a Reflected Cross-site Scripting XSS vulnerability caused by improper validation of user-supplied input. A remote, unauthenticated attacker can specially craft a URL to execute script in a victim's Web browser within the security context of the hosting Web site and/or...

Hcl Inotes 安全漏洞

HCL Hcl Inotes is a software from HCL India that allows management of IBMDomino emails, scheduling of errands and other office activity management. A security vulnerability exists in Hcl Inotes that stems from improper validation of user input and could lead to a reflective cross-site scripting...

EUVD-2020-6378

Malware in sbrugna...

EUVD-2017-10675

Malware in sbrugna...

EUVD-2020-25373

Malware in sbrugna...

EUVD-2020-6424

Malware in sbrugna...

EUVD-2022-32047

Malicious code in bioql PyPI...

EUVD-2022-32048

Malicious code in bioql PyPI...

EUVD-2022-32059

Malicious code in bioql PyPI...

CVE-2020-14271

HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting XSS vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the...

CVE-2020-14225

HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack...

CVE-2017-1659

"HCL iNotes is susceptible to a Cross-Site Scripting XSS Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."...

CVE-2022-27558

HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking...

CVE-2022-27547

HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc...

CVE-2022-27546

HCL iNotes is susceptible to a Reflected Cross-site Scripting XSS vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser with...