Low severity3.7NVD Advisory· Published May 6, 2026· Updated May 6, 2026
CVE-2025-31983
CVE-2025-31983
Description
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting (XSS) and potential exposure of sensitive information.
Affected products
2cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
1- support.hcl-software.com/csmnvdVendor Advisory
News mentions
0No linked articles in our index yet.