High severity7.1NVD Advisory· Published Jun 4, 2026· Updated Jun 4, 2026
CVE-2025-52612
CVE-2025-52612
Description
HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. .
Affected products
2Patches
Vulnerability mechanics
References
1- support.hcl-software.com/csmnvdVendor Advisory
News mentions
1- HCL Software: Eight Vulnerabilities Disclosed Across Multiple ProductsVypr Intelligence · Jun 4, 2026