Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2020-4089

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.

  • Published: Jun 27, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-4089
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
hcltech / notes 9.0 9.0.x
hcltech / notes 11.0 11.0.x
hcltech / notes 10.0 10.0.x