Skip to main content

CWE-1032

OWASP Top Ten 2017 Category A6 - Security Misconfiguration

4 CVEs Avg CVSS 5.2 MITRE
0
CRITICAL
1
HIGH
1
MEDIUM
2
LOW
0
POC
0
KEV

Monthly

CVE-2025-52629 LOW Monitor

HCL AION is susceptible to Missing Content-Security-Policy. An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue affects AION: 2.0. [CVSS 3.7 LOW]

XSS Aion
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-52635 LOW Monitor

A rusted types in scripts not enforced in CSP vulnerability has been identified in HCL AION.This issue affects AION: 2.0.

Information Disclosure Aion
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-52624 MEDIUM This Month

A vulnerability  Bypass of the script allowlist configuration in HCL AION.  An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0.

XSS Aion
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-52650 HIGH This Week

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0

Information Disclosure Aion
NVD
CVSS 3.1
8.2
EPSS
0.0%
EPSS 0% CVSS 3.7
LOW Monitor

HCL AION is susceptible to Missing Content-Security-Policy. An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue affects AION: 2.0. [CVSS 3.7 LOW]

XSS Aion
NVD
EPSS 0% CVSS 3.7
LOW Monitor

A rusted types in scripts not enforced in CSP vulnerability has been identified in HCL AION.This issue affects AION: 2.0.

Information Disclosure Aion
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability  Bypass of the script allowlist configuration in HCL AION.  An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0.

XSS Aion
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0

Information Disclosure Aion
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy