Connections Security Vulnerabilities and Issues — Connections CVE List

Lucene search

HcltechConnections

3 matches found

CVE•added 2020/03/05 7:15 p.m.•74 views

CVE-2020-4083

HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user.

5.5CVSS5.2AI score0.00053EPSS

CVE•added 2020/03/05 7:15 p.m.•69 views

CVE-2020-4082

The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting We...

5.4CVSS5.6AI score0.00166EPSS

CVE•added 2020/03/09 5:15 p.m.•56 views

CVE-2020-4084

HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.3AI score0.00343EPSS