Vulnerabilities

CVE-2026-1181 - Stored Cross-Site Scripting in Altium 365 Forum Leading to Cross-Customer Data Ex...

2026-01-19 0 views admin

CVE ID : CVE-2026-1181 Published : Jan. 19, 2026, 1:16 p.m. | 47 minutes ago Description : A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post. Successful exploitation allows the attacker’s payload to execute in the context of the victim’s authenticated Altium 365 session, enabling unauthorized access to workspace data, including design files and workspace settings. Exploitation requires user interaction to view a malicious forum post. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-1181

Severity

CRITICAL

Published

Jan. 19, 2026

Impact: XSS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-1181critical

CVE-2026-1181 - Stored Cross-Site Scripting in Altium 365 Forum Leading to Cross-Customer Data Ex...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-1161 - pbrong hrms recruitment.go UpdateRecruitmentById cross site scripting

CVE-2026-23533 - FreeRDP has heap-buffer-overflow in clear_decompress_residual_data

CVE-2026-23534 - FreeRDP has heap-buffer-overflow in clear_decompress_bands_data

CVE-2026-23732 - FreeRDP has heap-buffer-overflow in Glyph_Alloc

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3