CVE-2025-31969

EPSS 0.03%
Veröffentlicht 12.10.2025 07:37:24
Zuletzt bearbeitet 20.10.2025 16:59:29
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP).  These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Unica Version <= 25.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.071

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
psirt@hcl.com	4	1	2.7	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L

CWE-358 Improperly Implemented Security Check for Standard

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124417

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-31969

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-31969

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-31969

EUVD