VYPR
Medium severity4.3NVD Advisory· Published Oct 13, 2025· Updated Apr 15, 2026

CVE-2025-31994

CVE-2025-31994

Description

HCL Unica Campaign 12.1.10 is vulnerable to Reflected Cross-Site Scripting (XSS) where an attacker injects malicious script into an HTTP request, which is then reflected unsafely in the server's immediate response to the victim's browser, executing the script as if it originated from the trusted website.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.