HCL Aftermarket EPC is vulnerable to attack as the application implements an HTML5 cross-origin resource sharing (CORS) policy for this request that allows access from any domain (*-Wildcard).
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0132294