Skip to main content

Connections CVE-2026-21788

| EUVDEUVD-2026-13075 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-03-19 HCL
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 19, 2026 - 09:15 euvd
EUVD-2026-13075
Analysis Generated
Mar 19, 2026 - 09:15 vuln.today
CVE Published
Mar 19, 2026 - 08:44 nvd
MEDIUM 5.4

DescriptionCVE.org

HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code.  This may allow the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.

AnalysisAI

HCL Connections contains a reflected or stored cross-site scripting (XSS) vulnerability that allows authenticated attackers to inject malicious JavaScript into the application, which executes in the browsers of other users who interact with the crafted payload. An attacker with valid credentials can steal session cookies and authentication tokens, potentially compromising victim accounts and enabling further attacks such as lateral movement or data exfiltration. The vulnerability requires user interaction and authentication to exploit, resulting in a CVSS score of 5.4 (Medium severity), though the impact is cross-site scope.

Technical ContextAI

This vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting or XSS). The root cause is inadequate input validation or output encoding within HCL Connections' web interface, allowing user-supplied data to be rendered directly in HTML or JavaScript contexts without proper sanitization. The affected product is HCL Connections (identified via CPE cpe:2.3:a:hclsoftware:connections:*:*:*:*:*:*:*:*), a collaborative enterprise software platform that processes user input across multiple features such as activities, communities, profiles, and messaging. The vulnerability likely exists in template rendering or dynamic content generation functions where user-controlled parameters are not escaped or validated before being sent to the browser.

RemediationAI

Immediately consult the HCL security advisory at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129107 to identify the patched version for your HCL Connections deployment and upgrade to that version without delay. Until patching is feasible, implement compensating controls including enforcing HTTPS-only connections with HSTS headers, deploying a Content Security Policy (CSP) that prevents inline script execution and restricts script sources to trusted domains, enabling browser security features such as X-Frame-Options and X-Content-Type-Options headers, restricting network access to HCL Connections to trusted IP ranges, and conducting security awareness training to discourage users from clicking untrusted links within the application. Monitor for suspicious activity such as unusual authentication patterns or session hijacking attempts that may indicate exploitation attempts.

CVE-2020-4083 MEDIUM POC
5.5 Mar 05

HCL Connections 6.5 is vulnerable to possible information leakage. Rated medium severity (CVSS 5.5), this vulnerability

CVE-2020-4082 MEDIUM POC
5.4 Mar 05

The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplie

CVE-2016-3007 HIGH
8.8 Sep 26

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before C

CVE-2015-5038 HIGH
7.5 Jan 03

IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not properly detect recu

CVE-2016-2999 MEDIUM
6.5 Sep 26

IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sens

CVE-2024-30107 MEDIUM
6.5 Apr 18

HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized use

CVE-2023-28022 MEDIUM
6.5 Dec 15

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive in

CVE-2020-4085 MEDIUM
6.5 Apr 22

"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace

CVE-2023-37533 MEDIUM
6.1 Nov 09

HCL Connections is vulnerable to reflected cross-site scripting (XSS) where an attacker may leverage these issues to exe

CVE-2014-0929 MEDIUM
6.0 Jun 08

Cross-site request forgery (CSRF) vulnerability in the Profiles component in IBM Connections through 3.0.1.1 CR3 allows

CVE-2024-30118 MEDIUM
5.7 Oct 09

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive in

CVE-2016-5932 MEDIUM
5.4 Mar 01

IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vul

Share

CVE-2026-21788 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy