Vulnerability Database

299,690

Total vulnerabilities in the database

CVE-2025-52451

Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.

Published: Aug 22, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-52451
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.5
AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
tableau / tableau_server	-	2023.3.19
tableau / tableau_server	2024.2	2024.2.12
tableau / tableau_server	2025.1	2025.1.3

https://help.salesforce.com/s/articleView?id=005132575&type=1

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo