120 matches found
CVE-2024-30145
Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications...
CVE-2022-42450
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2022-42449
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-42449
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-27562
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-27562
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2024-30145 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability
Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications...
CVE-2024-30145 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability
Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications...
CVE-2023-37535 HCL Domino Volt and Domino Leap are affected by a Cross-site scripting (XSS) vulnerability
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters...
CVE-2023-37535 HCL Domino Volt and Domino Leap are affected by a Cross-site scripting (XSS) vulnerability
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters...
CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2022-42450
CVE-2022-42450 concerns HCL Domino Volt. The issue is improper sanitization of SVG files in deployed Domino Volt applications, enabling client-side script injection (XSS) via SVG content. Documents specify CVSS base scores (NVD: 5.4/ MEDIUM; with UI:R, S:C, etc.; user interaction required) but do...
CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2022-42449 HCL Domino Volt is affected by an unrestricted upload of a dangerous file type
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-42449 HCL Domino Volt is affected by an unrestricted upload of a dangerous file type
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-42449
CVE-2022-42449 affects HCL Domino Volt. The root cause is an unsafe default file-type filtering policy that allows uploading .html files, enabling execution of unsafe JavaScript in deployed applications. Documents consistently describe the issue but do not provide a confirmed patch version or rem...
CVE-2022-27562 HCL Domino Volt is affected by an unrestricted upload of a dangerous file type
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-27562
CVE-2022-27562 is reported across multiple sources as a vulnerability in HCL Domino Volt caused by an unsafe default file-type filtering policy. This policy allows uploading of .html files and the execution of unsafe JavaScript in deployed applications, without publicly documented a fix in the co...
CVE-2022-27562 HCL Domino Volt is affected by an unrestricted upload of a dangerous file type
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
PT-2025-18337 · Hcl · Domino Leap +1
Name of the Vulnerable Software and Affected Versions: HCL Domino Volt and Domino Leap affected versions not specified Description: The issue allows client-side script injection in the authoring environment and deployed applications. This can be achieved through multiple vectors in HCL Domino Vol...