CVE-2025-52450 – “Tableau Server Path Traversal”

August 22, 2025

CVE ID : CVE-2025-52450

Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 21 minutes ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api – create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-55455 – DooTask Authenticated Arbitrary Download Vulnerability

Next Article CVE-2025-52451 – “Salesforce Tableau Server Absolute Path Traversal Vulnerability”

Highlights

CVE-2025-55107 – Esri Portal for ArcGIS Enterprise Sites Cross-Site Scripting (XSS)

August 21, 2025

CVE ID : CVE-2025-55107

Published : Aug. 21, 2025, 8:15 p.m. | 4 hours, 39 minutes ago

Description : There is a stored
Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites
versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to
inject malicious a file with an embedded xss script which when loaded could
potentially execute arbitrary JavaScript code in the victim’s browser. The
privileges required to execute this attack are high. The attack could
disclose a privileged token which may result in the attacker gaining full
control of the Portal.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Exploring CSS’ new “if conditions”

July 9, 2025

Chinese Hackers Now Exploiting SharePoint Zero-Days to Deploy Warlock Ransomware: MSFT

July 24, 2025

EPFL Researchers Unveil FG2 at CVPR: A New AI Model That Slashes Localization Errors by 28% for Autonomous Vehicles in GPS-Denied Environments

June 16, 2025

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-52450 – “Tableau Server Path Traversal”

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

Researchers sound alarm: How a few secretive AI companies could crush free society

CVE-2025-29743 – D-Link DIR-816 Command Injection Vulnerability

CVE-2022-47914 – Cisco WebEx Remote Code Execution

CVE-2025-2745 – AVEVA PI Web API Cross-Site Scripting (XSS) Vulnerability

CVE-2025-55107 – Esri Portal for ArcGIS Enterprise Sites Cross-Site Scripting (XSS)

Exploring CSS’ new “if conditions”

Chinese Hackers Now Exploiting SharePoint Zero-Days to Deploy Warlock Ransomware: MSFT

EPFL Researchers Unveil FG2 at CVPR: A New AI Model That Slashes Localization Errors by 28% for Autonomous Vehicles in GPS-Denied Environments

CVE-2025-52450 – “Tableau Server Path Traversal”

Related Posts