CVE-2025-62328

HCL Nomad server on Domino is affected by a missing default frame-ancestors directive

CVSS 3.7 LOWEPSS 0.2%CWE-1021

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Productos afectados

HCLSoftware · Nomad server on Domino

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127331