CVE Vulnerabilities

CVE-2025-31971

Direct Request ('Forced Browsing')

Published: Aug 28, 2025 | Modified: Aug 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability.  The issue may allow attackers to launch a server-side request forgery (SSRF) attack enabling unauthorized network calls from the system, potentially exposing internal services or sensitive information.

Weakness

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

Potential Mitigations

References