CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-10244

A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerability. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the context of the current process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.1%

CVSS Severity

CVSS v3 Score 8.7

References

https://dl.appstreaming.autodesk.com/production/installers/Fusion%20Client%20Downloader.dmg
https://dl.appstreaming.autodesk.com/production/installers/Fusion%20Client%20Downloader.exe
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0020

Products affected by CVE-2025-10244

Autodesk » Fusion » Version: Any

cpe:2.3:a:autodesk:fusion:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-10244

Products

Pricing

Contact Us