CWE-1032

4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-1032page 1 of 1

CVE-2025-52624MEDIUMCVSS 5.4EG 5.4
2025-10-10
A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injec…
CVE-2025-52629LOWCVSS 3.7EG 3.7
2026-02-03
HCL AION is susceptible to Missing Content-Security-Policy. An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue …
CVE-2025-52635LOWCVSS 3.7EG 3.7
2025-10-10
A rusted types in scripts not enforced in CSP vulnerability has been identified in HCL AION.This issue affects AION: 2.0.
CVE-2025-52650HIGHCVSS 8.2EG 8.2
2025-10-10
Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0

Map vulnerabilities like CWE-1032 to your infrastructure

EchelonGraph correlates every CVE — across CWE-1032 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →