A vulnerability labeled as problematic has been found in HCL DX Compose 9.5 . Impacted is an unknown function. The manipulation results in cross site scripting. This vulnerability was named CVE-2026-21825 . The attack may be performed from remote. There is no available exploit.