CVE-2022-27546: HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability
First published: Mon Aug 29 2022(Updated: )
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials.
Credit: psirt@hcl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hcltech Hcl Inotes | =9.0.1 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_10 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_3 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_4 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_5 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_6 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_7 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_8 | |
| Hcltech Hcl Inotes | =9.0.1-fixpack_9 | |
| Hcltech Hcl Inotes | =10.0 | |
| Hcltech Hcl Inotes | =10.0.1 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_1 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_2 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_3 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_4 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_5 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_6 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_7 | |
| Hcltech Hcl Inotes | =10.0.1-fixpack_8 | |
| Hcltech Hcl Inotes | =11.0 | |
| Hcltech Hcl Inotes | =11.0.1 | |
| Hcltech Hcl Inotes | =11.0.1-fixpack_1 | |
| Hcltech Hcl Inotes | =11.0.1-fixpack_2 | |
| Hcltech Hcl Inotes | =11.0.1-fixpack_3 | |
| Hcltech Hcl Inotes | =11.0.1-fixpack_4 | |
| Hcltech Hcl Inotes | =11.0.1-fixpack_5 | |
| Hcltech Hcl Inotes | =12.0 | |
| Hcltech Hcl Inotes | =12.0.1 | |
| Hcltech Hcl Inotes | =12.0.1-fixpack_1 | |
| Hcltech Domino | =9.0 | |
| Hcltech Domino | =9.0.1 | |
| Hcltech Domino | =9.0.1-fixpack_10 | |
| Hcltech Domino | =9.0.1-fixpack_3 | |
| Hcltech Domino | =9.0.1-fixpack_4 | |
| Hcltech Domino | =9.0.1-fixpack_5 | |
| Hcltech Domino | =9.0.1-fixpack_6 | |
| Hcltech Domino | =9.0.1-fixpack_7 | |
| Hcltech Domino | =9.0.1-fixpack_8 | |
| Hcltech Domino | =9.0.1-fixpack_9 | |
| Hcltech Domino | =10.0 | |
| Hcltech Domino | =10.0.1 | |
| Hcltech Domino | =10.0.1-fixpack_1 | |
| Hcltech Domino | =10.0.1-fixpack_2 | |
| Hcltech Domino | =10.0.1-fixpack_3 | |
| Hcltech Domino | =10.0.1-fixpack_4 | |
| Hcltech Domino | =10.0.1-fixpack_5 | |
| Hcltech Domino | =10.0.1-fixpack_6 | |
| Hcltech Domino | =10.0.1-fixpack_7 | |
| Hcltech Domino | =10.0.1-fixpack_8 | |
| Hcltech Domino | =11.0 | |
| Hcltech Domino | =11.0.1 | |
| Hcltech Domino | =11.0.1-fixpack_1 | |
| Hcltech Domino | =11.0.1-fixpack_2 | |
| Hcltech Domino | =11.0.1-fixpack_3 | |
| Hcltech Domino | =11.0.1-fixpack_4 | |
| Hcltech Domino | =11.0.1-fixpack_5 | |
| Hcltech Domino | =12.0 | |
| Hcltech Domino | =12.0.1 | |
| Hcltech Domino | =12.0.1-fixpack_1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/author
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/hcltech
- canonical/hcltech hcl inotes
- version/hcltech hcl inotes/9.0.1
- version/hcltech hcl inotes/9.0.1-fixpack_10
- version/hcltech hcl inotes/9.0.1-fixpack_3
- version/hcltech hcl inotes/9.0.1-fixpack_4
- version/hcltech hcl inotes/9.0.1-fixpack_5
- version/hcltech hcl inotes/9.0.1-fixpack_6
- version/hcltech hcl inotes/9.0.1-fixpack_7
- version/hcltech hcl inotes/9.0.1-fixpack_8
- version/hcltech hcl inotes/9.0.1-fixpack_9
- version/hcltech hcl inotes/10.0
- version/hcltech hcl inotes/10.0.1
- version/hcltech hcl inotes/10.0.1-fixpack_1
- version/hcltech hcl inotes/10.0.1-fixpack_2
- version/hcltech hcl inotes/10.0.1-fixpack_3
- version/hcltech hcl inotes/10.0.1-fixpack_4
- version/hcltech hcl inotes/10.0.1-fixpack_5
- version/hcltech hcl inotes/10.0.1-fixpack_6
- version/hcltech hcl inotes/10.0.1-fixpack_7
- version/hcltech hcl inotes/10.0.1-fixpack_8
- version/hcltech hcl inotes/11.0
- version/hcltech hcl inotes/11.0.1
- version/hcltech hcl inotes/11.0.1-fixpack_1
- version/hcltech hcl inotes/11.0.1-fixpack_2
- version/hcltech hcl inotes/11.0.1-fixpack_3
- version/hcltech hcl inotes/11.0.1-fixpack_4
- version/hcltech hcl inotes/11.0.1-fixpack_5
- version/hcltech hcl inotes/12.0
- version/hcltech hcl inotes/12.0.1
- version/hcltech hcl inotes/12.0.1-fixpack_1
- canonical/hcltech domino
- version/hcltech domino/9.0
- version/hcltech domino/9.0.1
- version/hcltech domino/9.0.1-fixpack_10
- version/hcltech domino/9.0.1-fixpack_3
- version/hcltech domino/9.0.1-fixpack_4
- version/hcltech domino/9.0.1-fixpack_5
- version/hcltech domino/9.0.1-fixpack_6
- version/hcltech domino/9.0.1-fixpack_7
- version/hcltech domino/9.0.1-fixpack_8
- version/hcltech domino/9.0.1-fixpack_9
- version/hcltech domino/10.0
- version/hcltech domino/10.0.1
- version/hcltech domino/10.0.1-fixpack_1
- version/hcltech domino/10.0.1-fixpack_2
- version/hcltech domino/10.0.1-fixpack_3
- version/hcltech domino/10.0.1-fixpack_4
- version/hcltech domino/10.0.1-fixpack_5
- version/hcltech domino/10.0.1-fixpack_6
- version/hcltech domino/10.0.1-fixpack_7
- version/hcltech domino/10.0.1-fixpack_8
- version/hcltech domino/11.0
- version/hcltech domino/11.0.1
- version/hcltech domino/11.0.1-fixpack_1
- version/hcltech domino/11.0.1-fixpack_2
- version/hcltech domino/11.0.1-fixpack_3
- version/hcltech domino/11.0.1-fixpack_4
- version/hcltech domino/11.0.1-fixpack_5
- version/hcltech domino/12.0
- version/hcltech domino/12.0.1
- version/hcltech domino/12.0.1-fixpack_1