CVE-2025-31994

Sažetak

HCL Unica Campaign 12.1.10 is vulnerable to Reflected Cross-Site Scripting (XSS) where an attacker injects malicious script into an HTTP request, which is then reflected unsafely in the server's immediate response to the victim's browser, executing the script as if it originated from the trusted website.

Reference

CVSS

Base:	4.3
Impact:	3.4
Exploitability:	0.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	LOW

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

Zadnje važnije ažuriranje

14-10-2025 - 19:36

Objavljeno

13-10-2025 - 04:15