CVE-2025-52629

CVSS Score & Metrics

Base Score

3.7 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L                                    

Vulnerability Description

HCL AION is susceptible to Missing Content-Security-Policy.

An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue affects AION: 2.0.

Vulnerability Details

Published Date

February 03, 2026

Last Modified

February 04, 2026

CWE ID

CWE-1032

Source

NVD

Vendor

HCL

Product

AION

External References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment