Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
3DescriptionCVE.org
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user which leads to executing malicious script code. This may allow the attacker steal cookie-based authentication credentials and comprise user's account then launch other attacks.
AnalysisAI
HCL Connections contains a reflected or stored cross-site scripting (XSS) vulnerability that allows authenticated attackers to inject malicious JavaScript into the application, which executes in the browsers of other users who interact with the crafted payload. An attacker with valid credentials can steal session cookies and authentication tokens, potentially compromising victim accounts and enabling further attacks such as lateral movement or data exfiltration. The vulnerability requires user interaction and authentication to exploit, resulting in a CVSS score of 5.4 (Medium severity), though the impact is cross-site scope.
Technical ContextAI
This vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting or XSS). The root cause is inadequate input validation or output encoding within HCL Connections' web interface, allowing user-supplied data to be rendered directly in HTML or JavaScript contexts without proper sanitization. The affected product is HCL Connections (identified via CPE cpe:2.3:a:hclsoftware:connections:*:*:*:*:*:*:*:*), a collaborative enterprise software platform that processes user input across multiple features such as activities, communities, profiles, and messaging. The vulnerability likely exists in template rendering or dynamic content generation functions where user-controlled parameters are not escaped or validated before being sent to the browser.
RemediationAI
Immediately consult the HCL security advisory at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129107 to identify the patched version for your HCL Connections deployment and upgrade to that version without delay. Until patching is feasible, implement compensating controls including enforcing HTTPS-only connections with HSTS headers, deploying a Content Security Policy (CSP) that prevents inline script execution and restricts script sources to trusted domains, enabling browser security features such as X-Frame-Options and X-Content-Type-Options headers, restricting network access to HCL Connections to trusted IP ranges, and conducting security awareness training to discourage users from clicking untrusted links within the application. Monitor for suspicious activity such as unusual authentication patterns or session hijacking attempts that may indicate exploitation attempts.
More in Connections
View allHCL Connections 6.5 is vulnerable to possible information leakage. Rated medium severity (CVSS 5.5), this vulnerability
The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplie
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before C
IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not properly detect recu
IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sens
HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized use
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive in
"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace
HCL Connections is vulnerable to reflected cross-site scripting (XSS) where an attacker may leverage these issues to exe
Cross-site request forgery (CSRF) vulnerability in the Profiles component in IBM Connections through 3.0.1.1 CR3 allows
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive in
IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vul
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13075