exploitDog

CVE-2025-28244

Опубликовано: 10 июл. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session tokens from localStorage, leading to account takeover

Ссылки

https://alteryx.com
Product
https://gist.github.com/DylanGrl/2771afe86bdd2665b83f28c1ff5c12eb
Exploit
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:alteryx:alteryx_server:2023.1.1.460:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00148

Низкий

8.8 High

CVSS3

Дефекты

CWE-922

Связанные уязвимости

GHSA-v487-q9c3-h72w

CVSS3: 8.8

github

7 месяцев назад

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session tokens from localStorage, leading to account takeover

EPSS

Процентиль: 35%

0.00148

Низкий

8.8 High

CVSS3

Дефекты

CWE-922