CVE-2025-62320

Name of the Vulnerable Software and Affected Versions HCL Unica Platform (affected versions not specified)

Description An HTML injection issue can occur when a web application does not properly validate or sanitize user input before displaying it on a webpage. This allows an attacker to insert unwanted HTML code into the page. When a browser loads the page, it may automatically interact with external resources included in the injected HTML, potentially causing unexpected requests from the user’s browser. This can lead to data exfiltration to an external server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.