CVE-2025-28243

High CVSS: 8.0

An issue in Alteryx Server v.2023.1.1.460 allows HTML injection via a crafted script to the pages component.

Vendor

Product

CWE

Yayın Tarihi

2025-07-10 19:15:23

Güncelleme

2025-07-17 13:16:32

Source Identifier

cve@mitre.org

KEV Date Added

CWE-79 Alteryx Server HIGH Alteryx 2025

https://alteryx.com https://gist.github.com/DylanGrl/fbe4cc8eaf2b95147069c82b39be59b0

Medium

CVE-2025-63291

When processing API requests, the Alteryx server 2022.1.1.42654 and 2024.1 used MongoDB object IDs to uniquely identify…

High

CVE-2025-28244

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain…

Medium

CVE-2025-28245

Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web…