Unrated severityNVD Advisory· Published Mar 26, 2026· Updated Mar 26, 2026
HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability
CVE-2025-55273
Description
HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: version 1.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.