Vulnerabilities

CVE-2025-52624

by Fred · 10/10/2025

A vulnerability Bypass of the script allowlist configuration in HCL AION.

An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0.

More information : https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124444

Similar

Tags: Cybersecurity Alert