Hcltech: >> Connections >> 8.0 Security Vulnerabilities
HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-11-18
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-08-15
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-07-17
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-04-04
HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.
CVSS Score
3.7
EPSS Score
0.001
Published
2024-11-14
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data.
CVSS Score
3.5
EPSS Score
0.004
Published
2024-10-28
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data.
CVSS Score
3.5
EPSS Score
0.004
Published
2024-10-09
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code. This may let the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.
CVSS Score
5.4
EPSS Score
0.009
Published
2024-06-25
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVSS Score
3.5
EPSS Score
0.002
Published
2024-06-25
HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.
CVSS Score
3.5
EPSS Score
0.003
Published
2024-04-18
Page 1