Vulnerability Database

321,821

Total vulnerabilities in the database

CVE-2025-52623

HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. This can allow autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. This issue affects AION: 2.0.

Published: Feb 3, 2026
Updated: Feb 4, 2026
CVE: CVE-2025-52623
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.7
AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L

CWEs:

CWE-522

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

No affected software listed.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo