Cyber Resilience

CVE-2024-42210

High

Published: 19 March 2026
Modified: 23 March 2026
KEV Added: not listed
CVSS Score (v3.1): 7.6 (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0004 (12.8th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-42210 is a high-severity Cross-site Scripting (CWE-79) vulnerability in Hcltech Unica. Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 12.8th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Deeper analysis

CVE-2024-42210 is a stored cross-site scripting (XSS) vulnerability, also known as persistent or second-order XSS, affecting HCL Unica Marketing Operations versions 12.1.8 and lower. The issue arises when the application receives data from an untrusted source and includes that data within later HTTP responses in an unsafe manner. It carries a CVSS v3.1 base score of 7.6, with the vector AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H, and is classified under CWE-79.

Exploitation requires network access (AV:N), high attack complexity (AC:H), high privileges (PR:H), and user interaction (UI:R). A successful attack can achieve high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), and the changed scope (S:C) means those consequences extend beyond the vulnerable component itself.

Mitigation details are available in the HCL support knowledge base article at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123760 and the vulnerability research repository on GitHub at https://github.com/MarioTesoro/vulnerability-research/blob/main/CVE-2024-42210/README.md. The CVE was published on 2026-03-19T08:16:18.700.

Vulnerability details

A stored cross-site scripting (XSS) vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting (also known as second-order or persistent XSS) arises when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way.

CWE(s)

CWE-79 Cross-site Scripting

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059.007 JavaScript (Execution): Adversaries may abuse various implementations of JavaScript for execution.

Why these techniques?

Stored XSS in a public-facing web application directly enables exploitation under T1190 and arbitrary JavaScript execution under T1059.007.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-62319 (same product: Hcltech Unica)
CVE-2026-3231 (shared CWE-79)
CVE-2025-23481 (shared CWE-79)
CVE-2025-69302 (shared CWE-79)
CVE-2025-23734 (shared CWE-79)
CVE-2025-23571 (shared CWE-79)
CVE-2025-65110 (shared CWE-79)
CVE-2026-24948 (shared CWE-79)
CVE-2025-27352 (shared CWE-79)
CVE-2025-30349 (shared CWE-79)

Affected Assets

Vendor: hcltech
Product: unica
Versions: ≤ 12.1.9

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

SI-15 Information Output Filtering (prevent): Filters information outputs so that untrusted stored data is rendered safely in HTTP responses, directly preventing stored XSS execution.

SI-10 Information Input Validation (prevent): Validates information inputs from untrusted sources to block malicious scripts before they are accepted and stored by the application.

Input restriction (prevent): Restricts the types and characteristics of inputs accepted at system interfaces to exclude XSS payloads such as script tags and other malicious code.
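The two controls above, and the stored-XSS pattern described in the deeper analysis (untrusted data accepted, stored, and replayed into later HTTP responses), can be shown side by side in a few lines. The following is an added example, not HCL's code and not taken from either reference linked on this page; the in-memory store, the templates, the display-name allow-list and the sample comment are all constructed for illustration.

```python
"""Stored XSS: an unsafe and a hardened rendering of stored, untrusted data.

Added example (not HCL Unica code). The store, templates and sample input
below are constructed for illustration only.
"""
import html
import re
from typing import Dict, List

# Constructed in-memory store standing in for the application's database.
STORE: List[Dict[str, str]] = []

# SI-10 style input validation: a display name may only contain a small
# allow-list of characters (hypothetical policy). Free-text fields cannot be
# validated this tightly, which is why output filtering below is still needed.
DISPLAY_NAME_RE = re.compile(r"^[A-Za-z0-9 ._-]{1,64}$")


def accept_comment(author: str, body: str) -> bool:
    """Validate a submission and store it. Returns False when rejected."""
    if not DISPLAY_NAME_RE.fullmatch(author):
        return False
    if len(body) > 2000:
        return False
    STORE.append({"author": author, "body": body})
    return True


def render_unsafe() -> str:
    """Vulnerable pattern: stored values are concatenated into HTML verbatim,
    so whatever was stored earlier is replayed into every later response."""
    rows = "".join(
        f'<li data-author="{c["author"]}">{c["body"]}</li>' for c in STORE
    )
    return f"<ul>{rows}</ul>"


def render_safe() -> str:
    """SI-15 style output filtering: each stored value is HTML-escaped for
    the context it lands in (a quoted attribute and element text)."""
    rows = "".join(
        '<li data-author="{}">{}</li>'.format(
            html.escape(c["author"], quote=True),
            html.escape(c["body"], quote=False),
        )
        for c in STORE
    )
    return f"<ul>{rows}</ul>"


def contains_active_markup(page: str) -> bool:
    """Crude detection used by the demo: does the response still contain an
    unescaped <script> start tag or an on* event-handler attribute?"""
    return bool(re.search(r"<script\b|\son\w+\s*=", page, re.IGNORECASE))


def demo() -> Dict[str, bool]:
    """Store one constructed comment containing a script tag, then render it
    both ways and report whether active markup survived into the response."""
    STORE.clear()
    # Constructed sample: the classic stored-XSS test string, not a payload
    # for any real product.
    accept_comment("alice", "Great release! <script>alert(1)</script>")
    return {
        "unsafe_executes": contains_active_markup(render_unsafe()),
        "safe_executes": contains_active_markup(render_safe()),
        # A display name that tries to break out of the attribute is rejected
        # at the input boundary (SI-10) before it is ever stored.
        "attribute_breakout_name_rejected": not accept_comment('x" onerror="', "hi"),
    }


if __name__ == "__main__":
    print(demo())
```

The point of keeping both layers is that validation can only be strict on fields with a known shape (the display name), while the free-text body must be made safe at output time, per context, every time it is rendered.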
