Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2020-14240

HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to a Stored Cross-site Scripting (XSS) vulnerability. An attacker could use this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials.

  • Published: Nov 5, 2020
  • Updated: Apr 13, 2023
  • CVE: CVE-2020-14240
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
hcltech / notes 9.0 9.0.1.x
hcltech / notes 10.0 10.0.1.x
hcltech / notes 11.0 11.0.1.x
hcltech / notes 9.0.1-fp7if1 9.0.1-fp7if1.x
hcltech / notes 9.0.1-fp7if2 9.0.1-fp7if2.x
hcltech / notes 9.0.1-fp8if1 9.0.1-fp8if1.x
hcltech / notes 9.0.1-fp9if2 9.0.1-fp9if2.x
hcltech / notes 9.0.1-fp9if1 9.0.1-fp9if1.x
hcltech / notes 9.0.1-fp10 9.0.1-fp10.x
hcltech / notes 9.0.1-fp10if1 9.0.1-fp10if1.x
hcltech / notes 9.0.1-fp10if2 9.0.1-fp10if2.x
hcltech / notes 9.0.1-fp10if3 9.0.1-fp10if3.x
hcltech / notes 9.0.1-fp10if4 9.0.1-fp10if4.x
hcltech / notes 9.0.1-fp10if5 9.0.1-fp10if5.x
hcltech / notes 9.0.1-fp10if6 9.0.1-fp10if6.x
hcltech / notes 9.0.1-fp10if7 9.0.1-fp10if7.x
hcltech / notes 9.0.1-fp4if1 9.0.1-fp4if1.x
hcltech / notes 9.0.1-fp4if2 9.0.1-fp4if2.x
hcltech / notes 9.0.1-fp5if3 9.0.1-fp5if3.x
hcltech / notes 9.0.1-fp5if2 9.0.1-fp5if2.x
hcltech / notes 9.0.1-fp5if1 9.0.1-fp5if1.x
hcltech / notes 9.0.1-fp1if1 9.0.1-fp1if1.x
hcltech / notes 9.0.1-fp1if2 9.0.1-fp1if2.x
hcltech / notes 9.0.1-fp2if1 9.0.1-fp2if1.x
hcltech / notes 9.0.1-fp2if2 9.0.1-fp2if2.x
hcltech / notes 9.0.1-fp2if3 9.0.1-fp2if3.x
hcltech / notes 9.0.1-fp2if4 9.0.1-fp2if4.x
hcltech / notes 9.0.1-fp3if1 9.0.1-fp3if1.x
hcltech / notes 9.0.1-fp3if2 9.0.1-fp3if2.x
hcltech / notes 9.0.1-fp3if3 9.0.1-fp3if3.x
hcltech / notes 9.0.1-fp3if4 9.0.1-fp3if4.x
hcltech / notes 10.0.1-fp4 10.0.1-fp4.x
hcltech / notes 10.0.1-fp3 10.0.1-fp3.x
hcltech / notes 10.0.1-fp2 10.0.1-fp2.x
hcltech / notes 10.0.1-fp1 10.0.1-fp1.x
hcltech / notes 10.0.1-fp5 10.0.1-fp5.x