68 matches found
CVE-2025-52624
A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0...
CVE-2025-52624
A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0...
CVE-2025-52624
CVE-2025-52624 affects HCL AION 2.0. The issue is a bypass of the script allowlist caused by misconfigured Content-Security-Policy, enabling unauthorized scripts and increasing risk of cross-site scripting and other injection attacks. Connected sources confirm the vulnerability in HCL AION and de...
EUVD-2025-8515
Malicious code in bioql PyPI...
EUVD-2025-22314
Malicious code in bioql PyPI...
EUVD-2025-21084
Malicious code in bioql PyPI...
EUVD-2024-16398
Malicious code in bioql PyPI...
EUVD-2025-8516
Malicious code in bioql PyPI...
CVE-2025-52653
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access...
CVE-2025-52653
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access...
EUVD-2025-32319
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access...
CVE-2025-52653
The CVE-2025-52653 entry concerns HCL MyXalytics web application. A Cross Site Scripting (XSS) vulnerability in the web UI is documented, enabling execution of unauthorized scripts and potentially leading to unauthorized actions or access. Affected component is the web application (MyXalytics) wi...
HCL MyXalytics 安全漏洞
HCL MyXalytics is an analytics software product from HCL India. It is used to perform data analysis and other related tasks. A security vulnerability exists in HCL MyXalytics, which stems from the vulnerability of the web application to cross-site scripting attacks, which could lead to the...
PT-2025-40572
Name of the Vulnerable Software and Affected Versions HCL MyXalytics affected versions not specified Description The HCL MyXalytics web application is susceptible to a Cross Site Scripting issue. This allows the execution of unauthorized scripts, which could lead to unauthorized actions or access...
CVE-2025-34141
A reflected cross-site scripting XSS vulnerability exists in ETQ Reliance CG legacy platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The...
CVE-2025-34141
A reflected cross-site scripting XSS vulnerability exists in ETQ Reliance CG legacy platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The...
CVE-2025-34141 ETQ Reliance CG < SE.2025.1 Reflected XSS in `SQLConverterServlet`
A reflected cross-site scripting XSS vulnerability exists in ETQ Reliance CG legacy platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The...
CVE-2025-34141 ETQ Reliance CG < SE.2025.1 Reflected XSS in `SQLConverterServlet`
A reflected cross-site scripting XSS vulnerability exists in ETQ Reliance CG legacy platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The...
CVE-2025-53397
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...
CVE-2025-53519
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or...