Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL AION is susceptible to Missing Content-Security-Policy
Vulnerability Description
HCL AION is susceptible to Missing Content-Security-Policy. An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue affects AION: 2.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
Vulnerability Type
OWASP 2017年十大分类A6-安全配置错误
Vulnerability Title
HCL AION 安全漏洞
Vulnerability Description
HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION 2.0版本存在安全漏洞,该漏洞源于缺少内容安全策略标头,可能增加跨站脚本攻击风险。
CVSS Information
N/A
Vulnerability Type
N/A