Connections@5.5 Security Vulnerabilities and Issues — Connections@5.5 CVE List

Lucene search

HcltechConnections5.5

4 matches found

CVE•added 2020/05/01 5:15 p.m.•95 views

CVE-2019-4209

HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks.

6.1CVSS6.2AI score0.00197EPSS

CVE•added 2020/03/05 7:15 p.m.•69 views

CVE-2020-4082

The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting We...

5.4CVSS5.6AI score0.00166EPSS

CVE•added 2020/03/09 5:15 p.m.•56 views

CVE-2020-4084

HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.3AI score0.00343EPSS

CVE•added 2020/04/22 3:15 p.m.•37 views

CVE-2020-4085

"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user."

6.5CVSS6.1AI score0.00291EPSS