Security Advisory

CVE-2025-52624

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-10 10:25:32

Last updated 2026-02-03 17:45:58

Assigner HCL

State PUBLISHED

Description

A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0.

← Browse all CVEs View on cve.org ↗