PT-2026-60469 · Hcl · Dfxanalytics

CVE-2026-35143

·

Published

2026-07-16

·

Updated

2026-07-16

CVSS v3.1

3.0

Low

VectorAV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions HCL DFXAnalytics (affected versions not specified)
Description The application fails to set the SameSite attribute on session cookies generated during authentication. This omission could allow a remote attacker to perform Cross-Site Request Forgery (CSRF) attacks, which is a technique used to trick a user's browser into performing an unwanted action on a different website, provided that other mitigations like Anti-CSRF tokens are not in place.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-35143

Affected Products

Dfxanalytics