Security Advisory

CVE-2025-31966

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-17 11:29:21

Last updated 2026-03-17 12:57:24

Assigner HCL

State PUBLISHED

Description

HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server.

← Browse all CVEs View on cve.org ↗