CVE-2020-4089
MEDIUMHCL Notes 9-11 - Information Leakage via Mailto Protocol Handler
Title source: llmDescription
HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080343
Scores
CVSS v3
6.5
EPSS
0.0036
EPSS Percentile
58.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Details
Status
published
Products (3)
hcltech/notes
9.0
hcltech/notes
10.0
hcltech/notes
11.0
Published
Jun 26, 2020
Tracked Since
Feb 18, 2026