9 matches found
CVE-2025-52628
HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be sent in cross-site requests, potentially increasing exposure to cross-site request forgery and related security risks. This issue affects AION: 2.0...
EUVD-2025-206688
HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be sent in cross-site requests, potentially increasing exposure to cross-site request forgery and related security risks. This issue affects AION: 2.0...
HCL AION 安全漏洞
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a cross-site request forgery vulnerability that stems from a missing or insecure SameSite attribute of a cookie, and no detailed vulnerability details are provided at this time...
Exposed Dangerous Method or Function
Overview typo3/cms-lowlevel is an Enables the 'Config' and 'DB Check' modules for technical analysis of the system. This includes raw database search, checking relations, counting pages and records etc. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via t...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the backend user interface functionality involving deep links. An attacker can manipulate the state-changing actions and trigger unauthorized commands by deceiving a victim into interacting with a...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the backend user interface functionality involving deep links. An attacker can manipulate the session and perform unauthorized actions. Note: This is only exploitable if the...
PT-2025-3145 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...
PT-2025-3149 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...
PT-2025-3150 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...