Allegra — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting Allegra. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Allegra operates as a specialized software platform, primarily serving enterprise environments with solutions for data management and workflow automation. Security audits have identified twenty-two distinct Common Vulnerabilities and Exposures (CVEs) associated with the product, highlighting significant historical weaknesses in its codebase. The most prevalent vulnerability classes include Remote Code Execution (RCE), which allows attackers to execute arbitrary commands, and Cross-Site Scripting (XSS), enabling malicious script injection. Additionally, the software has suffered from privilege escalation flaws that permit unauthorized users to gain administrative access. These issues often stem from inadequate input validation and insufficient access controls within the application’s architecture. While no single catastrophic public breach has been widely documented as a direct result of these specific CVEs, the cumulative risk profile suggests a need for rigorous patch management. Organizations relying on Allegra must prioritize regular security updates to mitigate these known exploitation vectors and ensure system integrity.

Top products by Allegra: Allegra
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-11466 | Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability | Allegra | CWE-22 | 6.5 (AI) | Medium (AI) | 2025-10-29 |
| CVE-2025-6216 | Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability | Allegra | CWE-640 | 9.8 (AI) | Critical (AI) | 2025-06-21 |
| CVE-2025-3485 | Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 (AI) | High (AI) | 2025-06-06 |
| CVE-2025-3486 | Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 (AI) | High (AI) | 2025-05-22 |
| CVE-2024-5581 | Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2024-5580 | Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability | Allegra | CWE-502 | 8.8 | - | 2024-11-22 |
| CVE-2024-5579 | Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability | Allegra | CWE-502 | 8.8 | - | 2024-11-22 |
| CVE-2024-30372 | Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability | Allegra | CWE-1336 | 8.8 | - | 2024-11-22 |
| CVE-2023-52334 | Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability | Allegra | CWE-22 | 6.5 | - | 2024-11-22 |
| CVE-2023-52333 | Allegra saveFile Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2023-52332 | Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability | Allegra | CWE-22 | 7.5 | - | 2024-11-22 |
| CVE-2023-51648 | Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability | Allegra | CWE-22 | 6.5 | - | 2024-11-22 |
| CVE-2023-51647 | Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2023-51646 | Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2023-51645 | Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2023-51644 | Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability | Allegra | CWE-284 | 9.8 | - | 2024-11-22 |
| CVE-2023-51643 | Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2023-51642 | Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability | Allegra | CWE-502 | 8.8 | - | 2024-11-22 |
| CVE-2023-51641 | Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability | Allegra | CWE-502 | 8.8 | - | 2024-11-22 |
| CVE-2023-51640 | Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability | Allegra | CWE-22 | 8.8 | - | 2024-11-22 |
| CVE-2023-51639 | Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability | Allegra | CWE-22 | 9.8 | - | 2024-11-22 |
| CVE-2023-51638 | Allegra Hard-coded Credentials Authentication Bypass Vulnerability | Allegra | CWE-798 | 9.8 | - | 2024-11-22 |

This page lists every published CVE security advisory associated with Allegra. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.