CVE-2025-52623 | THREATINT

Description

HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. This can allow autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. This issue affects AION: 2.0.

PUBLISHED Reserved 2025-06-18 | Published 2026-02-03 | Updated 2026-02-03 | Assigner HCL

LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L

Problem types

CWE-522

Product status

Default status

unaffected

2.0

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0127972

cve.org (CVE-2025-52623)

nvd.nist.gov (CVE-2025-52623)

Download JSON