8 vulnerabilities classified as CWE-1275. AI Chinese analysis included.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52628 | HCL AION is susceptible to Missing SameSite vulnerability — AION | 4.6 | Medium | 2026-02-03 |
| CVE-2023-53957 | Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking — Kimai | 9.8 | Critical | 2025-12-19 |
| CVE-2025-36134 | IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure — Sterling B2B Integrator | 3.7 | Low | 2025-11-25 |
| CVE-2024-42212 | HCL BigFix Compliance is affected by an improper or missing SameSite attribute — HCL BigFix Compliance | 5.4 | Medium | 2025-05-05 |
| CVE-2024-30155 | HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability — HCL SX | 5.5 | Medium | 2025-03-26 |
| CVE-2025-24387 | Missing CSRF protection — OTRS | 4.8 | Medium | 2025-03-10 |
| CVE-2024-43173 | IBM Concert information disclosure — Concert | 3.7 | Low | 2024-10-22 |
| CVE-2022-38386 | IBM Cloud Pak for Security information disclosure — Cloud Pak for Security | 5.9 | Medium | 2024-05-01 |
Vulnerabilities classified as CWE-1275 represent 8 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.