Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2026/01/16 11:31 p.m.5 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS5.8AI score0.00303EPSS
Exploits0References1
nvd
nvd
added 2026/01/15 11:15 p.m.14 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS0.00303EPSS
Exploits0References1
osv
osv
added 2026/01/15 11:15 p.m.5 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

5.4CVSS5.9AI score0.00303EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/15 11:0 p.m.3 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS5.4AI score0.00303EPSS
Exploits0References2
cve
cve
added 2026/01/15 11:0 p.m.17 views

CVE-2026-1010

CVE-2026-1010 is a stored XSS vulnerability in the Altium Workflow Engine caused by missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data, and when an administrator views the affected workflow, the ...

8CVSS5.4AI score0.00303EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/01/15 11:0 p.m.27 views

CVE-2026-1010 Stored Cross-Site Scripting in Altium Enterprise Server Workflow Engine Allows Privilege Escalation

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS0.00303EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/01/15 11:0 p.m.3 views

CVE-2026-1010 Stored Cross-Site Scripting in Altium Enterprise Server Workflow Engine Allows Privilege Escalation

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS5.4AI score0.00303EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/01/15 12:0 a.m.22 views

PT-2026-3143

Name of the Vulnerable Software and Affected Versions Altium Workflow Engine affected versions not specified Description A stored cross-site scripting XSS issue exists because of insufficient server-side input sanitization within workflow form submission APIs. An authenticated user can inject...

8CVSS5.7AI score0.00303EPSS
Exploits0References4
Rows per page
Query Builder