CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

191 matches found

Cvelist•added 2025/04/30 9:15 p.m.•36 views

CVE-2024-30145 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability

Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications...

6.5CVSS0.0021EPSS

Exploits0References1

Cvelist•added 2025/04/30 9:14 p.m.•21 views

CVE-2024-30115 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS0.00196EPSS

Exploits0References1

Vulnrichment•added 2025/04/30 9:14 p.m.•7 views

CVE-2024-30115 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7.4AI score0.00196EPSS

Exploits0References1

CVE•added 2025/04/30 9:14 p.m.•58 views

CVE-2024-30115

CVE-2024-30115 affects HCL Leap (and related Domino Leap) with an insufficient sanitization policy that allows client-side script injection through the HTML widget. Concrete details across sources indicate an XSS risk, but the available documents do not specify affected versions or a confirmed ex...

6.3CVSS6.6AI score0.00196EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/04/30 9:7 p.m.•6 views

CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...

4.6CVSS7.4AI score0.00182EPSS

Exploits0References1

Cvelist•added 2025/04/30 9:7 p.m.•17 views

CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...

4.6CVSS0.00182EPSS

Exploits0References1

CVE•added 2025/04/30 9:7 p.m.•47 views

CVE-2022-42450

CVE-2022-42450 concerns HCL Domino Volt. The issue is improper sanitization of SVG files in deployed Domino Volt applications, enabling client-side script injection (XSS) via SVG content. Documents specify CVSS base scores (NVD: 5.4/ MEDIUM; with UI:R, S:C, etc.; user interaction required) but do...

5.4CVSS5AI score0.00182EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/04/30 12:0 a.m.•2 views

HCL Domino Volt和HCL Domino Leap 安全漏洞

HCL Domino Volt and HCL Domino Leap are both products of HCL India.HCL Domino Volt is a low-code application development solution based on the Domino platform.HCL Domino Leap is a cloud-based collaboration platform that modernizes traditional Domino applications. A security vulnerability exists i...

6.5CVSS6.7AI score0.0021EPSS

Exploits0References1

Positive Technologies•added 2025/04/30 12:0 a.m.•3 views

PT-2025-18337 · Hcl · Domino Leap +1

Name of the Vulnerable Software and Affected Versions: HCL Domino Volt and Domino Leap affected versions not specified Description: The issue allows client-side script injection in the authoring environment and deployed applications. This can be achieved through multiple vectors in HCL Domino Vol...

6.5CVSS6.3AI score0.0021EPSS

Exploits0References6

Positive Technologies•added 2025/04/30 12:0 a.m.•3 views

PT-2025-18336 · Hcl · Hcl Leap

Name of the Vulnerable Software and Affected Versions: HCL Leap affected versions not specified Description: The issue is related to an insufficient sanitization policy, which allows client-side script injection in the deployed application. This can be achieved through the HTML widget...

6.3CVSS6.1AI score0.00196EPSS

Exploits0References5

OSV•added 2025/04/29 2:38 p.m.•8 views

GHSA-2F8P-QQX2-GWR2 YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting

Summary Reflected XSS has been detected in the file upload form. Vulnerability can be exploited without authentication This Proof of Concept has been performed using the followings: - YesWiki v4.5.3 doryphore-dev branch - Docker environnment docker/docker-compose.yml Vulnerable code The...

7.6CVSS6.2AI score0.00582EPSS

Exploits1References6

RedhatCVE•added 2025/04/26 5:1 p.m.•13 views

CVE-2024-30113

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7AI score0.00243EPSS

Exploits0References3

Cvelist•added 2025/04/24 8:38 p.m.•19 views

CVE-2022-44759 HCL Leap is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications...

4.6CVSS0.00182EPSS

Exploits0References1

Vulnrichment•added 2025/04/24 8:38 p.m.•6 views

CVE-2022-44759 HCL Leap is affected by Cross-site scripting (XSS)

Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications...

4.6CVSS7.5AI score0.00182EPSS

Exploits0References1

CVE•added 2025/04/24 8:38 p.m.•49 views

CVE-2022-44759

CVE-2022-44759 concerns an issue in HCL Leap where improper sanitization of SVG files enables client-side script injection in deployed applications. The core detail across sources is that SVG content is not adequately cleaned, creating an XSS-like vulnerability in affected HCL Leap deployments. S...

5.4CVSS5AI score0.00182EPSS

Exploits0References1Affected Software1

OSV•added 2025/04/24 5:15 p.m.•4 views

CVE-2024-30147

Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications...

6.1CVSS5.8AI score0.0021EPSS

Exploits0References1

NVD•added 2025/04/24 5:15 p.m.•12 views

CVE-2024-30114

Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment...

5.4CVSS0.00193EPSS

Exploits0References1

NVD•added 2025/04/24 5:15 p.m.•18 views

CVE-2024-30113

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS0.00243EPSS

Exploits0References1

Vulnrichment•added 2025/04/24 4:23 p.m.•10 views

CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7.4AI score0.00243EPSS

Exploits0References1

Cvelist•added 2025/04/24 4:23 p.m.•30 views

CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS0.00243EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by