CVE-2025-52614
LOWDescription
HCL Unica Platform is affected by a Cookie without HTTPOnly Flag Set vulnerability. A malicious agent may be able to induce this event by feeding a user suitable links, either directly or via another web site.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| hcltech | unica |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-52614? +
How severe is CVE-2025-52614? +
What products are affected by CVE-2025-52614? +
How do I check if I'm vulnerable to CVE-2025-52614? +
Related Vulnerabilities
This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated …
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, …
Boruta is a standalone authorization server that aims to implement OAuth 2.0 and Openid Connect up to decentralized identity specifications. …
This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. …
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was …
Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to …