12 matches found
CVE-2026-1181
Altium 365 workspace endpoints were configured with an overly permissive Cross-Origin Resource Sharing CORS policy that allowed credentialed cross-origin requests from other Altium-controlled subdomains, including forum.live.altium.com. As a result, JavaScript executing on those origins could...
CVE-2026-1181
Altium 365 workspace endpoints were configured with an overly permissive Cross-Origin Resource Sharing CORS policy that allowed credentialed cross-origin requests from other Altium-controlled subdomains, including forum.live.altium.com. As a result, JavaScript executing on those origins could...
CVE-2026-1181 Altium 365 Over-Permissive CORS Configuration Allows Credentialed Cross-Origin Workspace Access
Altium 365 workspace endpoints were configured with an overly permissive Cross-Origin Resource Sharing CORS policy that allowed credentialed cross-origin requests from other Altium-controlled subdomains, including forum.live.altium.com. As a result, JavaScript executing on those origins could...
CVE-2026-1181
CVE-2026-1181 involves Altium 365 where endpoints were configured with an overly permissive Cross-Origin Resource Sharing (CORS) policy that allowed credentialed cross-origin requests from other Altium-controlled subdomains, including forum.live.altium.com. The root cause is the lax CORS configur...
PT-2026-3437
Name of the Vulnerable Software and Affected Versions Altium Forum affected versions not specified Description A stored cross-site scripting XSS issue exists in the Altium Forum because of insufficient server-side input sanitization of forum post content. An authenticated attacker can inject...
Altium Forum security vulnerabilities
Altium Forum is an online community operated by Altium Corporation in the United States. There is a security vulnerability in Altium Forum, which stems from insufficient input cleaning on the server side. This vulnerability may lead to storage-based cross-site scripting attacks...
CVE-2026-1009
A stored cross-site scripting XSS vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...
CVE-2026-1009
A stored cross-site scripting XSS vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...
CVE-2026-1009 Stored Cross-Site Scripting in Altium Live Forum Leading to Cross-Customer Data Exposure
A stored cross-site scripting XSS vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...
CVE-2026-1009
CVE-2026-1009 is a stored XSS vulnerability in the Altium Forum caused by missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into posts; the payload is stored and executed when other users view the affected post. Successful expl...
CVE-2026-1009 Stored Cross-Site Scripting in Altium Live Forum Leading to Cross-Customer Data Exposure
A stored cross-site scripting XSS vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...
PT-2026-3142
Name of the Vulnerable Software and Affected Versions Altium Forum affected versions not specified Description A stored cross-site scripting XSS issue exists because of insufficient server-side input validation of forum post content. An authenticated attacker can inject arbitrary JavaScript into...