Altium 365 workspace endpoints were configured with an overly permissive Cross-Origin Resource Sharing (CORS) policy that allowed credentialed cross-origin requests from other Altium-controlled subdomains, including forum.live.altium.com. As a result, JavaScript executing on those origins could access authenticated workspace APIs in the context of a logged-in user. When chained with vulnerabilities in those external applications, this misconfiguration enables unauthorized access to workspace data, administrative actions, and bypass of IP allowlisting controls, including in GovCloud environments.
Exploitability
AV:NAC:LPR:LUI:RScope
S:CImpact
C:HI:HA:H9/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HConfiguration
Other