4 vulnerabilities classified as CWE-1032 (OWASP 2017年十大分类A6-安全配置错误). AI Chinese analysis included.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52629 | HCL AION is susceptible to Missing Content-Security-Policy — AION | 3.7 | Low | 2026-02-03 |
| CVE-2025-52624 | HCL AION is susceptible to Bypass of the script allow list configuration vulnerability — AION | 5.4 | Medium | 2025-10-10 |
| CVE-2025-52635 | HCL AION is susceptible to Trusted types in scripts not enforced in CSP — AION | 3.7 | Low | 2025-10-10 |
| CVE-2025-52650 | HCL AION is susceptible to Inline script execution allowed in CSP vulnerability — HCL AION | 8.2 | High | 2025-10-10 |
Vulnerabilities classified as CWE-1032 (OWASP 2017年十大分类A6-安全配置错误) represent 4 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.