Lucene search
K

38 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/04 11:42 a.m.10 views

CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

3.7CVSS5.6AI score0.00161EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/04 11:42 a.m.10 views

EUVD-2025-210060

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

5.3CVSS5.6AI score0.00161EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 11:41 a.m.10 views

EUVD-2025-210059

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

4.3CVSS5.9AI score0.00157EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:41 a.m.7 views

CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

3.1CVSS5.9AI score0.00157EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/04 11:41 a.m.19 views

CVE-2025-52611

CVE-2025-52611 concerns HCL iControl v4.0.0, where an unhandled exception leads to stack trace disclosure. The root cause is described as accessing an undefined object’s property, specifically the dashboard key, within the application's JavaScript code. This missing/improperly initialized object ...

4.3CVSS5.9AI score0.00157EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:41 a.m.43 views

CVE-2025-52611 HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

3.1CVSS0.00157EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:41 a.m.10 views

CVE-2025-52611 HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

3.1CVSS5.9AI score0.00157EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:40 a.m.16 views

CVE-2025-52612

CVE-2025-52612 affects HCL iControl. The vulnerability is described as a CSV export injection that enables reflected cross-site scripting due to insufficient input parameter sanitization. The CVSS 3.1 vector (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) indicates high impact across confidentiality, integ...

8.8CVSS5.6AI score0.00199EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:40 a.m.9 views

CVE-2025-52612 HCL iControl was affected by Export CSV - CSV Injection vulnerability.

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

7.1CVSS5.6AI score0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 11:40 a.m.38 views

CVE-2025-52612 HCL iControl was affected by Export CSV - CSV Injection vulnerability.

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

7.1CVSS0.00199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:40 a.m.9 views

CVE-2025-52612

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

7.1CVSS5.6AI score0.00199EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/04 11:40 a.m.10 views

EUVD-2025-210058

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

8.8CVSS5.6AI score0.00199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46184

HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure and SameSite. And also path is set to root...

3.1CVSS5.8AI score0.00098EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.13 views

PT-2026-46185

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

3.7CVSS5.6AI score0.00161EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by HCL Company in India. Version 4.0.0 of HCL iControl contains a security vulnerability. This vulnerability arises from unhandled exceptions, which lead to stack trace leaks. It occurs due to accessing the properti...

4.3CVSS5.3AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by the Indian company HCL. HCL iControl has a security vulnerability, which stems from the lack of Cookie attributes, including Secure and SameSite, and the path is set to the root directory...

4.3CVSS5.3AI score0.00098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46187

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

7.1CVSS5.6AI score0.00199EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.28 views

PT-2026-46183

HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during implementation of an architectural security tactic. Received input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expecte...

4.3CVSS5.8AI score0.00169EPSS
Exploits0References2
Rows per page
Query Builder