ZDI-25-255 -

April 24, 2025

Low

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2025-3486.

Affected software

Reference links

https://alltena.com/en/resources/release-notes/release-notes-for-release-8-1-2
http://www.zerodayinitiative.com/advisories/ZDI-25-255/

ZDI-25-255 -

Affected software

Reference links

Get alerted to vulnerabilities in your software