CVE-2025-52653 HIGH

CVE-2025-52653: Cross Site Scripting vulnerability in the web application

Vendor Hcl
Product HCL MyXalytics
Weakness CWE-79 · XSS
Published October 3, 2025
Last update October 3, 2025

CVSS base score

7.6/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H

What the vulnerability does

01Description

HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access.

Key dates

02Disclosure timeline

October 3, 2025 CVE published
October 3, 2025 Record updated