ZDI-25-254

Low

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2025-3485.

Published April 24, 2025.

Affected software

Get alerts for this software

Reference links

https://alltena.com/en/resources/release-notes/release-notes-for-release-8-1-2
http://www.zerodayinitiative.com/advisories/ZDI-25-254/