FKIE_CVE-2026-1008

Vulnerability from fkie_nvd - Published: 2026-01-15 23:15 - Updated: 2026-01-23 19:34
Summary
A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected payload is persisted and executed when other users view the affected profile page, potentially allowing session token theft, phishing attacks, or malicious redirects. Exploitation requires an authenticated account and user interaction to view the crafted profile.
Impacted products
Vendor Product Version
altium altium_live 1.2.2
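The summary above attributes the bug to a server-side filter that can be bypassed with whitespace inside an HTML attribute. The advisory publishes no payload, so the script below is an added illustration, not code from Altium or from the reporter: it pairs a hypothetical regex blocklist (the kind of filter that only recognises the literal token `onerror=`) with a tokenising parser that sees attributes the way a browser does, where whitespace on either side of `=` is legal. It then shows the fix for a plain-text profile field, which is output encoding rather than blocklisting. The payloads are constructed for the example.

```python
import html
import re
from html.parser import HTMLParser

# Constructed payloads; the advisory publishes none. They only illustrate
# the class of whitespace trick the summary refers to.
PAYLOADS = {
    "plain": "<img src=x onerror=alert(1)>",
    "tab_before_equals": "<img src=x onerror\t=alert(1)>",
    "spaces_around_equals": "<img src=x onerror = alert(1)>",
}

# Hypothetical weak filter: a blocklist regex that only matches the exact
# sequence 'on<name>=' and therefore never sees 'onerror\t=' or 'onerror ='.
_NAIVE_BLOCKLIST = re.compile(r"<script|on\w+=", re.IGNORECASE)


def naive_sanitize(text):
    """Strip blocklisted fragments the way a regex-based filter would."""
    return _NAIVE_BLOCKLIST.sub("", text)


class EventAttrFinder(HTMLParser):
    """Tokenise like a browser: attribute name, optional whitespace, '=',
    optional whitespace, value. Names are lower-cased by the parser."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            is_handler = name.startswith("on")
            is_js_url = (
                name in ("href", "src")
                and value is not None
                and value.strip().lower().startswith("javascript:")
            )
            if is_handler or is_js_url:
                self.findings.append((tag, name, value))


def find_dangerous_attributes(markup):
    """Return (tag, attribute, value) for every event handler or javascript: URL."""
    parser = EventAttrFinder()
    parser.feed(markup)
    parser.close()
    return parser.findings


def naive_filter_bypassed(payload):
    """True when the regex filter lets an executable attribute through."""
    return bool(find_dangerous_attributes(naive_sanitize(payload)))


def encode_for_html_text(value):
    """Fix for a plain-text field: store the raw value, encode it on output
    for the HTML text context so no tag or attribute can form."""
    return html.escape(value, quote=True)


if __name__ == "__main__":
    for label, payload in PAYLOADS.items():
        bypassed = naive_filter_bypassed(payload)
        encoded_safe = not find_dangerous_attributes(encode_for_html_text(payload))
        print(f"{label:22} bypasses naive filter: {bypassed}")
        print(f"{'':22} safe after encoding:   {encoded_safe}")
```

The regex catches the textbook payload and misses both whitespace variants, while the parser reports `onerror` in all three; that asymmetry is the whole bug class, and the lesson is to never gate HTML with a regex. Encoding covers a field that is meant to be plain text; if the profile field must accept rich text, the equivalent fix is an allow-list HTML sanitizer built on a real parser. Because the impact listed is session token theft, also check that the session cookie carries `HttpOnly` and that a Content-Security-Policy is in place, since both limit what an injected script can do even before the server-side fix ships.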

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:altium:altium_live:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75C3257-AC40-4BC5-BEBA-492D4DECCFC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques.\nThe injected payload is persisted and executed when other users view the affected profile page, potentially allowing session token theft, phishing attacks, or malicious redirects. Exploitation requires an authenticated account and user interaction to view the crafted profile."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de cross-site scripting (XSS) almacenado en los campos de texto del perfil de usuario de Altium 365. Una sanitizaci\u00f3n de entrada insuficiente por parte del servidor permite a los usuarios autenticados inyectar cargas \u00fatiles arbitrarias de HTML y JavaScript utilizando t\u00e9cnicas de omisi\u00f3n de an\u00e1lisis de atributos basadas en espacios en blanco.\nLa carga \u00fatil inyectada se persiste y se ejecuta cuando otros usuarios ven la p\u00e1gina de perfil afectada, lo que podr\u00eda permitir el robo de tokens de sesi\u00f3n, ataques de phishing o redirecciones maliciosas. La explotaci\u00f3n requiere una cuenta autenticada e interacci\u00f3n del usuario para ver el perfil manipulado."
    }
  ],
  "id": "CVE-2026-1008",
  "lastModified": "2026-01-23T19:34:53.327",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.7,
        "source": "4760f414-e1ae-4ff1-bdad-c7a9c3538b79",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-01-15T23:15:50.970",
  "references": [
    {
      "source": "4760f414-e1ae-4ff1-bdad-c7a9c3538b79",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.altium.com/platform/security-compliance/security-advisories"
    }
  ],
  "sourceIdentifier": "4760f414-e1ae-4ff1-bdad-c7a9c3538b79",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "4760f414-e1ae-4ff1-bdad-c7a9c3538b79",
      "type": "Secondary"
    }
  ]
}

