2.6
CVE-2025-62309
- EPSS 0.12%
- Veröffentlicht 14.05.2026 16:10:49
- Zuletzt bearbeitet 14.05.2026 17:22:46
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields.
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerHCL
≫
Produkt
AION
Default Statusunaffected
Version
2.1.0
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.019 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@hcl.com | 2.6 | 0.9 | 1.4 |
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
|
CWE-201 Insertion of Sensitive Information Into Sent Data
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636