CVE-2025-10244
published 2025-09-23CVE-2025-10244: A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerability. A…
high8.7CVSS 3.1
AVNACLPRLUIRSCCHIHAN
A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerability. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the context of the current process.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| autodesk | fusion | >= 2602.1.25 < 2604.1.25 | 2604.1.25 |