HCL Unica MaxAI Workbench Improper Input Validation Vulnerability Allowing SQL Injection, XSS, or Command Injection
Vulnerability
A vulnerability exists in HCL Unica MaxAI Workbench versions 12.1.10 prior to 25.1, due to improper input validation. This flaw enables attackers to execute SQL injection, cross-site scripting (XSS), or command injection attacks, potentially leading to unauthorized access or data breaches.
Impact
Exploitation of this vulnerability could result in successful SQL injection, cross-site scripting, or command injection attacks, allowing unauthorized access or causing data breaches.
Remediation
Users are advised to upgrade to HCL Unica MaxAI Workbench version 25.1.0.1, available from the My HCLSoftware Portal.
Added: Oct 13, 2025, 5:16 AM
Updated: Oct 13, 2025, 5:16 AM
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 5.2
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
