Approved changes feed: RSS · Atom
cpe:2.3:a:altium:aes:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Altium (0a2f714e-ee70-5e20-8e9c-1ce76de9fcfe) |
|---|---|
| Product | Aes (ab3dbf5a-7113-5e56-8931-cebc027f5dd1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-27380 |
vulnerable | 2026-06-08 07:14:54.867948 |
HTML Injection Leading to Script Execution in Altium Enterprise Server
HIGH (7.6)
HTML injection in Project Release in Altium Enterprise Server (AES) 7.0.3 on all platforms allows an authenticated attacker to execute arbitrary JavaScript in the victim’s browser via crafted HTML content.
Published: 2026-01-22T01:28:24.200Z
Updated: 2026-01-22T18:55:23.707Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27379 |
vulnerable | 2026-06-08 07:14:54.867607 |
Stored Cross-Site Scripting in AES BOM Viewer
MEDIUM (6.8)
A stored cross-site scripting (XSS) vulnerability in the BOM Viewer in Altium AES 7.0.3 allows an authenticated attacker to inject arbitrary JavaScript into the Description field of a schematic, which is executed when the BOM Viewer renders the affected content.
Published: 2026-01-22T01:17:54.729Z
Updated: 2026-01-22T19:19:24.809Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27378 |
vulnerable | 2026-06-08 07:14:54.865920 |
SQL Injection in AES Due to Inactive SQL Parsing Configuration
HIGH (8.6)
AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries.
Published: 2026-01-22T01:06:19.022Z
Updated: 2026-01-22T19:20:07.317Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.