HCL AION is affected by a vulnerability where auto-complete functionality...

2.6 / 10

LOW

CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

Description

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions.

Basic Information

ID CVE-2025-62309

Source HCL

Published May 14, 2026 at 16:10

Affected Product

Vendor HCL

Product AION

Version 2.1.0

Affected Versions HCL AION 2.1.0

CWE Classification

CWE-201

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions.",
    "published": "2026-05-14T16:10:49.720Z",
    "modified": "2026-05-14T16:10:49.720Z",
    "type": "cve",
    "title": "HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields.",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636",
    "id": "CVE-2025-62309",
    "bulletinFamily": "",
    "cwe": [
        "CWE-201"
    ],
    "cvelist": null,
    "sourceData": "HCL AION 2.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 2.6,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AION",
    "version": "2.1.0",
    "vendor": "HCL",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields._CVE-2025-62309