Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-28017
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
HCL Connections is vulnerable to cross-site scripting
Source: NVD (National Vulnerability Database)
Vulnerability Description
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user after visiting the vulnerable URL which leads to executing malicious script code. This may let the attacker steal cookie-based authentication credentials and comprise a user's account then launch other attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
HCL Technologies Hcl Connections 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
HCL Technologies Hcl Connections是美国HCL Technologies公司的一款 Web 2.0 企业协作平台应用程序。用于帮助团队提高工作效率。 HCL Technologies HCL Connections存在安全漏洞,该漏洞源于容易受到跨站脚本攻击,攻击者可能会利用此问题在用户的浏览器中执行任意脚本代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
HCL SoftwareHCL Connections 6.0, 6.5, 7.0, 8.0 -
II. Public POCs for CVE-2023-28017
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2023-28017
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: HCL Connections
Same vendor: HCL Software
V. Comments for CVE-2023-28017

No comments yet

Leave a comment