CVE-2025-62319 · CRITICAL 9.8 · EPSS p19.6%

hcltech / unica

Description

Boolean-Based SQL Injection is a type of blind SQL injection where an attacker manipulates SQL queries by injecting Boolean conditions (TRUE or FALSE) into application input fields. Instead of returning database errors or visible data, the application responds differently depending on whether the injected condition evaluates to true or false. This allows an attacker to inject arbitrary SQL into backend configuration queries executed within the application.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.28% probability of exploitation · percentile 19.6% · 2026-06-19T12:03:05Z
Published: 2026-03-16
Last modified: 2026-06-05

Underlying weaknesses · 1

CWE-89

References

  1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Weakness | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (cwe-89) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-23176
CVE: CVE-2025-48650
CVE: CVE-2025-52694
CVE: CVE-2025-40886
CVE: CVE-2025-50341
CVE: CVE-2025-22523

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.