CVE-2025-52654

Summary

HCL MyXalytics v6.6 is affected by an HTML Injection. This issue occurs when untrusted input is included in the output without proper handling, potentially allowing unauthorized content injection and manipulation.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL MyXalytics6.6affected

Weaknesses

  • CWE-80: CWE-80

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References