CVE-2020-14225

Summary

HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack.

Affected Software

VendorProductVersion RangeStatus
n/aHCL iNotesversions previous to releases 9.0.1 FP10 IF6affected
n/aHCL iNotes10.0.1 FP5 and 11.0.1affected

Weaknesses

  • "Tabnabbing vulnerability"

ADP Enrichment

CVE Program Container

Additional References

References