Home

Description

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

PUBLISHED Reserved 2025-04-01 | Published 2025-10-12 | Updated 2025-10-12 | Assigner HCL




MEDIUM: 4.0CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L

Problem types

CWE-358 Improperly Implemented Security Check for Standard

Product status

Default status
unaffected

<= 25.1
affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0124417

cve.org (CVE-2025-31969)

nvd.nist.gov (CVE-2025-31969)

Download JSON