Connections
Approved changes feed: RSS · Atom
cpe:2.3:a:hclsoftware:connections:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Hclsoftware (06fdb6ce-b596-52c8-8d32-13dd34a56cea) |
|---|---|
| Product | Connections (90c6c94d-1053-5f4a-8bdd-fed9f8461e81) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-21789 |
vulnerable | 2026-06-03 15:15:51.653214 |
HCL Connections is vulnerable to broken access control
MEDIUM (4.6)
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
Published: 2026-05-18T19:17:18.844Z
Updated: 2026-05-18T19:54:06.181Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-21788 |
vulnerable | 2026-06-03 15:15:51.642109 |
HCL Connections is vulnerable to cross-site scripting (XSS)
MEDIUM (5.4)
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code. This may allow the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.
Published: 2026-03-19T08:44:21.005Z
Updated: 2026-03-19T13:30:30.937Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52603 |
vulnerable | 2026-06-03 15:03:52.139656 |
HCL Connections is vulnerable to information disclosure
LOW (3.5)
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser.
Published: 2026-02-20T15:29:55.020Z
Updated: 2026-02-20T20:15:58.961Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.