CVE-2025-55270
HCL Aftermarket DPC is affected by Improper Input Validation
In short
HCL Aftermarket DPC doesn't properly check user input, allowing attackers to inject harmful code that could execute commands or steal data through techniques like XSS and SQL Injection.
Technical detail
The application fails to validate and sanitize user-supplied input before processing it, enabling code injection attacks including XSS, SQL Injection, and Command Injection depending on how the input is used in the application context.
Summary generated and translated by AI from the official description.
HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Affected products
HCL · Aftermarket DPCWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →