Описание
HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack.
Уязвимые конфигурации
Конфигурация 1Версия до 9.0.1 (исключая)
Одно из
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:-:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack1:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack2:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack3:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack4:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hcltechsw:hcl_inotes:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltechsw:hcl_inotes:9.0.1:fixpack_8:*:*:*:*:*:*
cpe:2.3:a:hcltechsw:hcl_inotes:9.0.1:fixpack_9:*:*:*:*:*:*
cpe:2.3:a:hcltechsw:hcl_inotes:9.0.1:fixpack_9_interim_fix_1:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00555
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack.
EPSS
Процентиль: 68%
0.00555
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other