Vulnerability Details CVE-2025-31966
HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.1%
CVSS Severity
CVSS v3 Score 2.7