CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...

PT-2025-18336 · Hcl · Hcl Leap

Name of the Vulnerable Software and Affected Versions: HCL Leap affected versions not specified Description: The issue is related to an insufficient sanitization policy, which allows client-side script injection in the deployed application. This can be achieved through the HTML widget...

HCL Domino Volt和HCL Domino Leap 安全漏洞

HCL Domino Volt and HCL Domino Leap are both products of HCL India.HCL Domino Volt is a low-code application development solution based on the Domino platform.HCL Domino Leap is a cloud-based collaboration platform that modernizes traditional Domino applications. A security vulnerability exists i...

PT-2025-18337 · Hcl · Domino Leap +1

Name of the Vulnerable Software and Affected Versions: HCL Domino Volt and Domino Leap affected versions not specified Description: The issue allows client-side script injection in the authoring environment and deployed applications. This can be achieved through multiple vectors in HCL Domino Vol...

GHSA-2F8P-QQX2-GWR2 YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting

Summary Reflected XSS has been detected in the file upload form. Vulnerability can be exploited without authentication This Proof of Concept has been performed using the followings: - YesWiki v4.5.3 doryphore-dev branch - Docker environnment docker/docker-compose.yml Vulnerable code The...

CVE-2024-30113

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

CVE-2022-44759 HCL Leap is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications...

CVE-2022-44759 HCL Leap is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications...

CVE-2022-44759

CVE-2022-44759 concerns an issue in HCL Leap where improper sanitization of SVG files enables client-side script injection in deployed applications. The core detail across sources is that SVG content is not adequately cleaned, creating an XSS-like vulnerability in affected HCL Leap deployments. S...

CVE-2024-30147

Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications...

CVE-2024-30114

Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment...

CVE-2024-30113

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

CVE-2024-30113

The CVE-2024-30113 issue affects HCL Leap, specifically the HTML widget, where insufficient sanitization policy enables client-side script injection. The problem is described across multiple connected records as an XSS risk in HCL Leap’s deployment, without explicit exploitation details provided....

CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

CVE-2024-30114 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment...

CVE-2024-30114 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment...

CVE-2024-30147 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications...

CVE-2024-30147

CVE-2024-30147 affects HCL Leap with multiple vectors enabling client-side script injection in the authoring environment and deployed applications. The provided documents confirm an XSS-type issue and give CVSS-based severity (MEDIUM) but do not disclose a specific patched version or definitive r...

HCL Leap 安全漏洞

HCL Leap is a low-code development platform from HCL India. HCL Leap suffers from a security vulnerability that stems from an inadequate cleanup policy that allows client-side scripts to be injected in deployed applications via HTML widgets...