CVE-2025-28245

Medium CVSS: 6.1

Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web script or HTML via the notification body.

Vendor

Alteryx

Product

Alteryx Server

CWE

CWE-79

Yayın Tarihi

2025-07-10 19:15:24

Güncelleme

2025-07-17 00:58:02

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Alteryx Server MEDIUM Alteryx 2025

Referanslar

https://alteryx.com https://gist.github.com/DylanGrl/5e0ac3924f4d939e9c1ebb8632f2851b https://gist.github.com/DylanGrl/5e0ac3924f4d939e9c1ebb8632f2851b

Benzer Kayıtlar

Medium

CVE-2025-63291

When processing API requests, the Alteryx server 2022.1.1.42654 and 2024.1 used MongoDB object IDs to uniquely identify…

High

CVE-2025-28244

Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain…

High

CVE-2025-28243

An issue in Alteryx Server v.2023.1.1.460 allows HTML injection via a crafted script to the pages component.