CNNVD-202601-3554 Information
CNNVD ID
CNNVD-202601-3554
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
Autodesk Fusion是美国Autodesk公司的一款数据管理软件平台。 Autodesk Fusion存在安全漏洞,该漏洞源于组件描述中存储恶意HTML有效载荷,可能导致存储型跨站脚本攻击,进而读取本地文件或执行任意代码。
Description (English)
Autodesk Fusion is a data management software platform for Autodesk in the United States. Autodesk Fusion has a security loophole, which results from the storage of a malicious HTML payload in the component description, which may result in a storage-type cross-site scrip attack, leading to the reading of local files or the execution of any code.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Autodesk
Published
2026-01-22
Last Modified
2026-02-24
References
https://dl.appstreaming.autodesk.com/production/installers/Fusion%20Client%20Downloader.dmg https://dl.appstreaming.autodesk.com/production/installers/Fusion%20Client%20Downloader.exe https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0001
Patch
https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0001
Share on: