HCL Technologies Domino 12.0.1 Fixpack 1
Approved changes feed: RSS · Atom
cpe:2.3:a:hcltech:domino:12.0.1:fixpack_1:*:*:*:*:*:*
part: a version: 12.0.1 update: fixpack_1
| Vendor | Hcltech (be2dce80-cb79-5854-9fe6-9b4a1139ec3e) |
|---|---|
| Product | Domino (64e94e2d-b9df-556f-9df8-a791175e22d2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-27558 |
vulnerable | 2026-06-03 14:46:47.471132 |
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability.
MEDIUM (5.9)
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking.
Published: 2022-08-29T16:00:31.939Z
Updated: 2024-09-17T01:12:04.670Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27547 |
vulnerable | 2026-06-03 14:46:47.459615 |
HCL iNotes is susceptible to a link to non-existent domain vulnerability.
MEDIUM (6.1)
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc.
Published: 2022-08-29T16:00:28.303Z
Updated: 2024-09-17T02:01:17.904Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27546 |
vulnerable | 2026-06-03 14:46:47.457890 |
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability
HIGH (8.3)
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials.
Published: 2022-08-29T16:00:24.786Z
Updated: 2024-09-17T03:39:06.738Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.