Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-27546

HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials.

Published

2022-08-29T16:15:08.443

Last Modified

2024-11-21T06:55:56.677

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.3 (HIGH)

Weaknesses

Type: Secondary
CWE-79
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	9.0.1	Yes
Application	hcltech	hcl_inotes	10.0	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	10.0.1	Yes
Application	hcltech	hcl_inotes	11.0	Yes
Application	hcltech	hcl_inotes	11.0.1	Yes
Application	hcltech	hcl_inotes	11.0.1	Yes
Application	hcltech	hcl_inotes	11.0.1	Yes
Application	hcltech	hcl_inotes	11.0.1	Yes
Application	hcltech	hcl_inotes	11.0.1	Yes
Application	hcltech	hcl_inotes	11.0.1	Yes
Application	hcltech	hcl_inotes	12.0	Yes
Application	hcltech	hcl_inotes	12.0.1	Yes
Application	hcltech	hcl_inotes	12.0.1	Yes
Application	hcltech	domino	9.0	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	9.0.1	Yes
Application	hcltech	domino	10.0	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	10.0.1	Yes
Application	hcltech	domino	11.0	Yes
Application	hcltech	domino	11.0.1	Yes
Application	hcltech	domino	11.0.1	Yes
Application	hcltech	domino	11.0.1	Yes
Application	hcltech	domino	11.0.1	Yes
Application	hcltech	domino	11.0.1	Yes
Application	hcltech	domino	11.0.1	Yes
Application	hcltech	domino	12.0	Yes
Application	hcltech	domino	12.0.1	Yes
Application	hcltech	domino	12.0.1	Yes

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100216 Vendor Advisory ([email protected])
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100216 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)