Vulnerability Database

299,699

Total vulnerabilities in the database

CVE-2025-52450

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.

Published: Aug 22, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-52450
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
tableau / tableau_server	-	2023.3.19
tableau / tableau_server	2024.2	2024.2.12
tableau / tableau_server	2025.1	2025.1.3

https://help.salesforce.com/s/articleView?id=005132575&type=1

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo