CVE-2025-31969

MEDIUM

4.0

Descricao

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

Detalhes CVE

Pontuacao CVSS v3.14.0

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L

Vetor de ataqueADJACENT_NETWORK

ComplexidadeHIGH

Privilegios necessariosHIGH

Interacao do usuarioNONE

Publicado10/12/2025

Ultima modificacao10/20/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

hcltech:unica

Fraquezas (CWE)

CWE-358

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124417(psirt@hcl.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.