Lucene search
K

5 matches found

NVD
NVD
added 2026/02/03 7:16 p.m.9 views

CVE-2025-52633

HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0...

5.3CVSS0.00179EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 6:0 p.m.11 views

CVE-2025-52633

HCL AION 2.0 is affected by a vulnerability where sensitive session data is stored in persistent cookies, leading to potential information disclosure. Root cause cited by CNVD/Red Hat sources is lack of content security policy. Practical impact is information exposure if cookies are intercepted o...

5.3CVSS5.3AI score0.00179EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 5:54 p.m.3 views

CVE-2025-52629 HCL AION is susceptible to Missing Content-Security-Policy

HCL AION is susceptible to Missing Content-Security-Policy. An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue affects AION: 2.0...

3.7CVSS5.1AI score0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-5907

Name of the Vulnerable Software and Affected Versions HCL AION version 2.0 Description HCL AION is susceptible to a security issue involving the storage of sensitive session data in persistent cookies. This practice can elevate the risk of unauthorized access if these cookies are intercepted or...

3.1CVSS5.4AI score0.00179EPSS
Exploits0References3
CVE
CVE
added 2025/10/10 10:6 a.m.18 views

CVE-2025-52632

CVE-2025-52632 affects HCL AION 2.0 and is described as a Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability. The available connected sources confirm the affected product (HCL AION) and the issue arises in encrypted session cookies lacking the Secure attribute, which can exp...

7.5CVSS6.6AI score0.00137EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder