exploitDog

GHSA-v487-q9c3-h72w

Опубликовано: 10 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session tokens from localStorage, leading to account takeover

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session tokens from localStorage, leading to account takeover

Ссылки

EPSS

Процентиль: 35%

0.00148

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-922

Связанные уязвимости

CVE-2025-28244

CVSS3: 8.8

nvd

7 месяцев назад

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session tokens from localStorage, leading to account takeover

EPSS

Процентиль: 35%

0.00148

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-922