CVE-2025-62328

Low CVSS: 3.7

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors.

Vendor

Product

CWE

CWE-1021

Yayın Tarihi

2026-03-11 22:16:19

Güncelleme

2026-03-12 21:08:22

Source Identifier

psirt@hcl.com

KEV Date Added

Kategoriler

CWE-1021 LOW 2026

Referanslar

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127331