Browse all 4 CVE security advisories affecting Census. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Census is a data integration platform that synchronizes customer data from various sources into marketing and analytics tools. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. The platform has faced multiple security incidents, including a 2021 breach exposing customer data due to an API vulnerability, and several CVEs highlight risks in its data transformation and synchronization features. Security researchers have noted that its extensive third-party integrations create potential attack surfaces, requiring robust input sanitization and secure authentication mechanisms to prevent unauthorized access and data exfiltration.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-60949 | Census CSWeb leaked configuration files — CSWebCWE-200 | 9.1 | Critical | 2026-03-23 |
| CVE-2025-60948 | Census CSWeb stored XSS — CSWebCWE-79 | 4.6 | Medium | 2026-03-23 |
| CVE-2025-60947 | Census CSWeb arbitrary file upload — CSWebCWE-434 | 8.8 | High | 2026-03-23 |
| CVE-2025-60946 | Census CSWeb path traversal — CSWebCWE-22 | 8.8 | High | 2026-03-23 |
This page lists every published CVE security advisory associated with Census. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.