CNNVD-202601-3555 Information
CNNVD ID
CNNVD-202601-3555
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
Autodesk Fusion是美国Autodesk公司的一款数据管理软件平台。 Autodesk Fusion存在安全漏洞,该漏洞源于部件属性中存储恶意HTML有效载荷,可能导致存储型跨站脚本攻击,进而读取本地文件或执行任意代码。
Description (English)
Autodesk Fusion is a data management software platform for Autodesk in the United States. There is a security loophole in Autodesk Fusion, which stems from the storage of malicious HTML payloads in the widget properties, which may lead to a storage-type cross-site scrip attack, leading to local files being read or any code being executed.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Autodesk
Published
2026-01-22
Last Modified
2026-02-24
References
https://dl.appstreaming.autodesk.com/production/installers/Fusion%20Client%20Downloader.dmg https://dl.appstreaming.autodesk.com/production/installers/Fusion%20Client%20Downloader.exe https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0001
Patch
https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0001
Share on: