CVE-2026-1010 Stored Cross-Site Scripting in Altium Enterprise Server Workflow Engine Allows Privilege Escalation

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

Liferay Portal 和 Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...