CSV Injection Vulnerability in HCL iControl
CVE-2025-52612
7.1HIGH
What is CVE-2025-52612?
HCL iControl is susceptible to a CSV Injection vulnerability resulting from inadequate input parameter validation. This flaw enables attackers to inject malicious content into CSV files, potentially leading to reflected cross-site scripting attacks when the compromised CSV data is processed. Proper sanitization measures should be implemented to mitigate such risks and enhance the security posture of affected systems.
Affected Version(s)
iControl 4.0.0