exploitDog

CVE-2025-31969

Опубликовано: 12 окт. 2025

Источник: nvd

CVSS3: 4

CVSS3: 6.1

EPSS Низкий

Описание

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124417
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:unica:*:*:*:*:*:*:*:*

Версия до 25.1.0 (включая)

EPSS

Процентиль: 9%

0.00033

Низкий

4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-358

Связанные уязвимости

GHSA-cpqg-x3j4-hhv6

CVSS3: 4

github

4 месяца назад

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

EPSS

Процентиль: 9%

0.00033

Низкий

4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-358