Vulnerability Details CVE-2020-14225
HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2020-14225
-
cpe:2.3:a:hcltech:hcl_inotes:10.0.1
-
cpe:2.3:a:hcltech:hcl_inotes:11.0.0
-
cpe:2.3:a:hcltechsw:hcl_inotes:*
-
cpe:2.3:a:hcltechsw:hcl_inotes:9.0.1