CVE-2025-31969

Description

HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

None

Availability

Low

Affected products

HCL Software / Unica Platform<= 25.1 – <= 25.1

References

MISChttps://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124417