HCL Nomad server on Domino: Sensitive information at risk from malicious frames

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

3.7

HCL Nomad server on Domino: Sensitive information at risk from malicious frames

CVE-2025-62328

Summary

The HCL Nomad server on Domino does not have a security setting to prevent malicious websites from framing (embedding) its content. This could allow an attacker to steal sensitive information from users who visit the Nomad server. To fix this, update the server to include the necessary security setting.

Original title

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspeci...

Original description

nvd CVSS3.1 3.7

Vulnerability type

CWE-1021

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127331

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026