Unrated severityNVD Advisory· Published Oct 16, 2025· Updated Oct 16, 2025
HCL BigFix Modern Client Management (MCM) is affected by an insecure Content Security Policy (CSP)
CVE-2025-0276
Description
HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
Affected products
2<=3.3+ 1 more
- (no CPE)range: <=3.3
- (no CPE)range: <=3.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.