Low severity3.7NVD Advisory· Published Jun 4, 2026· Updated Jun 4, 2026
CVE-2025-52609
CVE-2025-52609
Description
HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting (XSS) attacks by enabling the built-in XSS filtering mechanisms of modern web browsers.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
1- HCL Software: Eight Vulnerabilities Disclosed Across Multiple ProductsVypr Intelligence · Jun 4, 2026