CVE-2025-62320

MEDIUM EPSS 5.4%
Published Mar 17, 20263mo ago · Modified Jun 17, 20262w ago
6.1 CVSS 3.1
Medium
Find Similar
Published Mar 17, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external resources included in that HTML, which can cause unexpected requests from the user’s browser.

CVSS Details

Base Score
6.1
Exploitability
2.8
Impact
2.7
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Changed
Confidentiality Low
Integrity Low
Availability None

Threat Intelligence

EPSS Exploit Probability
5.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 18

VendorProductVersionRange
hcltechunica* <12.1.11
hcltechunica*≥25.1.0  –  <25.1.1.0.1
hcltechunica_audience_central* <12.1.11
hcltechunica_audience_central*≥25.1.0  –  <25.1.1.0.1
hcltechunica_campaign* <12.1.11
hcltechunica_campaign*≥25.1.0  –  <25.1.1.0.1
hcltechunica_centralised_offer_management* <12.1.11
hcltechunica_centralised_offer_management*≥25.1.0  –  <25.1.1.0.1
hcltechunica_contact_central* <12.1.11
hcltechunica_contact_central*≥25.1.0  –  <25.1.1.0.1
hcltechunica_interact* <12.1.11
hcltechunica_interact*≥25.1.0  –  <25.1.1.0.1
hcltechunica_journey* <12.1.11
hcltechunica_journey*≥25.1.0  –  <25.1.1.0.1
hcltechunica_plan* <12.1.11
hcltechunica_plan*≥25.1.0  –  <25.1.1.0.1
hcltechunica_segment_central* <12.1.11
hcltechunica_segment_central*≥25.1.0  –  <25.1.1.0.1

References 1

  • support.hcl-software.com https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129460
    PatchVendor Advisory

Remediation

  • support.hcl-software.com https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129460
    PatchVendor Advisory