Critical
resolved
resolved
SSRF in Autodesk Rendering leading to account takeover
Bug reported by was disclosed at March 18, 2025, 6:48 pm | Server-Side Request Forgery (SSRF)
A server side request forgery (SSRF) vulnerability was discovered in Autodesk Rendering. The vulnerability could have allowed an attacker to gain control of a victim's account while they were logged in. Autodesk has fixed the vulnerability.
Medium
resolved
resolved
Django Debug Mode Enabled - Information Disclosure on api.wwm-dev.autodesk.com
Bug reported by ??? ℜ???? ??? was disclosed at March 18, 2025, 5:58 pm | Information Exposure Through Debug Information
The domain api.wwm-dev.autodesk.com was discovered to have Django debug mode enabled, which led to information disclosure. The issue was fixed by Autodesk.
![[Image: e72398fe92beda2aa80d0329e8b9f4febece7568.gif]](https://64.media.tumblr.com/834502d05f9b014cbc37366fe428a5a7/13cb9841c0799d7a-ff/s500x560/e72398fe92beda2aa80d0329e8b9f4febece7568.gif)
