CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-27379

A stored cross-site scripting (XSS) vulnerability in the BOM Viewer in Altium AES 7.0.3 allows an authenticated attacker to inject arbitrary JavaScript into the Description field of a schematic, which is executed when the BOM Viewer renders the affected content.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.9%

CVSS Severity

CVSS v3 Score 6.8

References

https://www.altium.com/platform/security-compliance/security-advisories

Products affected by CVE-2025-27379

Altium » On-Prem Enterprise Server » Version: 7.0.3

cpe:2.3:a:altium:on-prem_enterprise_server:7.0.3
Altium » On-Prem Enterprise Server » Version: 7.0.4

cpe:2.3:a:altium:on-prem_enterprise_server:7.0.4
Altium » On-Prem Enterprise Server » Version: 7.0.5

cpe:2.3:a:altium:on-prem_enterprise_server:7.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27379

Products

Pricing

Contact Us