CVE-2025-31969

Summary

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareUnica Platform<= 25.1affected

Weaknesses

  • CWE-358: CWE-358 Improperly Implemented Security Check for Standard

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References