Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap
allow script injection through query parameters.
Insufficient URI protocol whitelist in HCL Leap
allows script injection through query parameters.
Multiple vectors in HCL Domino Volt and Domino Leap allow client-side
script injection in the authoring environment and deployed applications.
Insufficient sanitization policy in HCL Leap
allows client-side script injection in the deployed application through the
HTML widget.
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications.
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications
Insufficient sanitization in HCL Leap allows
client-side script injection in the authoring environment.
Insufficient sanitization policy in HCL Leap
allows client-side script injection in the deployed application through the
HTML widget.
Improper access control of endpoint in HCL Domino Leap
allows certain admin users to import applications from the
server's filesystem.
Improper sanitization of SVG files in HCL Leap
allows client-side script injection in deployed applications.
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.
Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user int
Unsafe default file type filter policy in HCL
Leap allows execution of unsafe JavaScript in deployed applications.
Page 1+ Next →