HCL Technologies Connections 8.0 Cumulative Release 6
Approved changes feed: RSS · Atom
cpe:2.3:a:hcltech:connections:8.0:cumulative_release6:*:*:*:*:*:*
part: a version: 8.0 update: cumulative_release6
| Vendor | Hcltech (be2dce80-cb79-5854-9fe6-9b4a1139ec3e) |
|---|---|
| Product | Connections (1126ee82-bd12-5061-93ca-4bbcd048ce44) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-21788 |
vulnerable | 2026-06-03 15:15:51.650750 |
HCL Connections is vulnerable to cross-site scripting (XSS)
MEDIUM (5.4)
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code. This may allow the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.
Published: 2026-03-19T08:44:21.005Z
Updated: 2026-03-19T13:30:30.937Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52639 |
vulnerable | 2026-06-03 15:03:52.184141 |
HCL Connections is vulnerable to sensitive information disclosure
LOW (3.5)
HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data.
Published: 2025-11-18T18:58:06.174Z
Updated: 2025-11-18T20:21:35.778Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52603 |
vulnerable | 2026-06-03 15:03:52.147467 |
HCL Connections is vulnerable to information disclosure
LOW (3.5)
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser.
Published: 2026-02-20T15:29:55.020Z
Updated: 2026-02-20T20:15:58.961Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31961 |
vulnerable | 2026-06-03 15:00:39.724780 |
HCL Connections is vulnerable to broken access control
LOW (3.7)
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
Published: 2025-08-15T04:29:59.295Z
Updated: 2025-08-15T16:34:50.112Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42209 |
vulnerable | 2026-06-03 14:56:36.015121 |
HCL Connections is vulnerable to an information disclosure vulnerability
LOW (3.5)
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.
Published: 2025-07-17T19:24:29.065Z
Updated: 2025-07-17T20:04:32.682Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42208 |
vulnerable | 2026-06-03 14:56:36.012783 |
HCL Connections is vulnerable to an information disclosure vulnerability
LOW (3.5)
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.
Published: 2025-04-04T05:22:59.531Z
Updated: 2025-04-04T14:17:34.859Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42188 |
vulnerable | 2026-06-03 14:56:35.986623 |
HCL Connections is vulnerable to a broken access control vulnerability
LOW (3.7)
HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.
Published: 2024-11-14T15:31:58.223Z
Updated: 2024-11-14T15:53:55.192Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30112 |
vulnerable | 2026-06-03 14:55:37.321756 |
HCL Connections is vulnerable to a cross-site scripting (XSS) vulnerability
MEDIUM (5.4)
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code. This may let the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.
Published: 2024-06-25T21:28:23.078Z
Updated: 2024-10-30T17:32:31.169Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37541 |
vulnerable | 2026-06-03 14:52:29.153498 |
HCL Connections is vulnerable to broken access control
LOW (3.5)
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
Published: 2024-06-25T15:08:03.168Z
Updated: 2025-02-25T23:12:11.673Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.