CNNVD-202508-1881 Information

CNNVD ID

CNNVD-202508-1881

Related CVE

CVE-2025-52620

• CNNVD Published: 2025-08-15

Description (Chinese)

HCL BigFix SaaS Authentication Service是印度HCL公司的一个端点管理平台。 HCL BigFix SaaS Authentication Service存在安全漏洞，该漏洞源于图像上传功能未充分验证图像格式，可能导致跨站脚本攻击。

Description (English)

HCL BigFix SaaS Administration Service is an end-point management platform for HCL India. HCL BigFix SaaS Administration Service has a security loophole, which results from the image upload function ’ s inadequate validation of the image format, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

HCL

Published

2025-08-15

Last Modified

2026-02-24

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330 https://nvd.nist.gov/vuln/detail/CVE-2025-52620

Patch

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330