Hcltech Connections
By the Year
In 2023 there have been 0 vulnerabilities in Hcltech Connections . Connections did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 5 | 5.78 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Connections vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Hcltech Connections Security Vulnerabilities
HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability
CVE-2019-4209
6.1 - Medium
- May 01, 2020
HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks.
Open Redirect
"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user
CVE-2020-4085
6.5 - Medium
- April 22, 2020
"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user."
Information Disclosure
HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting
CVE-2020-4084
5.4 - Medium
- March 09, 2020
HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input
CVE-2020-4082
5.4 - Medium
- March 05, 2020
The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
XSS
HCL Connections 6.5 is vulnerable to possible information leakage
CVE-2020-4083
5.5 - Medium
- March 05, 2020
HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user.
Insertion of Sensitive Information into Log File
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Hcltech Connections or by Hcltech? Click the Watch button to subscribe.
