Medium severity5.4NVD Advisory· Published Dec 2, 2025· Updated Apr 15, 2026
CVE-2025-52622
CVE-2025-52622
Description
The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting (XSS), Clickjacking, and protocol downgrade attacks.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.