Adobe Connect Security Vulnerabilities and Issues — Adobe Connect CVE List

Lucene search

AdobeAdobe Connect

40 matches found

CVE•added 2023/09/13 9:15 a.m.•60 views

CVE-2023-29305

Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

6.1CVSS5.8AI score0.01071EPSS

CVE•added 2017/07/17 1:18 p.m.•59 views

CVE-2017-3102

Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack.

6.1CVSS5.9AI score0.00954EPSS

CVE•added 2024/12/10 9:15 p.m.•56 views

CVE-2024-54037

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, th...

8.1CVSS6.9AI score0.0303EPSS

CVE•added 2017/07/17 1:18 p.m.•55 views

CVE-2017-3103

Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack.

6.1CVSS5.9AI score0.00638EPSS

CVE•added 2018/05/19 5:29 p.m.•54 views

CVE-2018-4923

Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.

9.1CVSS9.1AI score0.12624EPSS

CVE•added 2017/12/09 6:29 a.m.•53 views

CVE-2017-11291

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.

10CVSS9.3AI score0.0208EPSS

CVE•added 2017/07/17 1:18 p.m.•53 views

CVE-2017-3101

Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack.

7.5CVSS7.2AI score0.05135EPSS

CVE•added 2024/12/10 9:15 p.m.•53 views

CVE-2024-54042

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vict...

6.1CVSS5.6AI score0.00219EPSS

CVE•added 2023/09/13 9:15 a.m.•52 views

CVE-2023-29306

6.1CVSS5.8AI score0.01071EPSS

CVE•added 2018/07/20 7:29 p.m.•51 views

CVE-2018-12805

Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation.

9.8CVSS9.3AI score0.02504EPSS

CVE•added 2024/12/10 9:15 p.m.•51 views

CVE-2024-54050

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.

6.1CVSS6.5AI score0.00067EPSS

CVE•added 2024/12/10 9:15 p.m.•50 views

CVE-2024-54046

6.1CVSS5.9AI score0.00219EPSS

CVE•added 2017/12/09 6:29 a.m.•49 views

CVE-2017-11289

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.

6.1CVSS6.9AI score0.01208EPSS

CVE•added 2024/12/10 9:15 p.m.•48 views

CVE-2024-54038

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of ...

4.3CVSS5AI score0.00076EPSS

CVE•added 2025/05/13 9:16 p.m.•48 views

CVE-2025-43567

Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

9.3CVSS7.8AI score0.00137EPSS

CVE•added 2024/12/10 9:15 p.m.•47 views

CVE-2024-54044

6.1CVSS5.9AI score0.00219EPSS

CVE•added 2024/12/10 9:15 p.m.•46 views

CVE-2024-54043

6.1CVSS5.6AI score0.00219EPSS

CVE•added 2016/11/08 5:59 p.m.•45 views

CVE-2016-7851

Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.

6.1CVSS5.8AI score0.06511EPSS

CVE•added 2017/12/09 6:29 a.m.•45 views

CVE-2017-11288

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.

6.1CVSS6.9AI score0.01208EPSS

CVE•added 2017/12/09 6:29 a.m.•45 views

CVE-2017-11290

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks.

6.1CVSS7.5AI score0.00448EPSS

CVE•added 2018/07/20 7:29 p.m.•45 views

CVE-2018-12804

Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking.

9.8CVSS9.3AI score0.0602EPSS

CVE•added 2024/12/10 9:15 p.m.•45 views

CVE-2024-54041

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page cont...

5.4CVSS5.3AI score0.00038EPSS

CVE•added 2024/12/10 9:15 p.m.•44 views

CVE-2024-54032

9.3CVSS6.8AI score0.00368EPSS

CVE•added 2024/12/10 9:15 p.m.•44 views

CVE-2024-54040

5.4CVSS5.3AI score0.00038EPSS

CVE•added 2024/12/10 9:15 p.m.•44 views

CVE-2024-54048

6.1CVSS5.6AI score0.00219EPSS

CVE•added 2024/12/10 9:15 p.m.•44 views

CVE-2024-54051

6.1CVSS6.5AI score0.00067EPSS

CVE•added 2024/12/10 9:15 p.m.•43 views

CVE-2024-54034

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. A ...

9.3CVSS7.8AI score0.00368EPSS

CVE•added 2017/12/09 6:29 a.m.•42 views

CVE-2017-11287

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.

6.1CVSS6.9AI score0.01208EPSS

CVE•added 2018/05/19 5:29 p.m.•42 views

CVE-2018-4994

Adobe Connect versions 9.7.5 and earlier have an exploitable Authentication Bypass vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.4AI score0.13032EPSS

CVE•added 2024/12/10 9:15 p.m.•42 views

CVE-2024-54039

5.4CVSS5.3AI score0.00038EPSS

CVE•added 2024/12/10 9:15 p.m.•42 views

CVE-2024-54049

6.1CVSS5.7AI score0.001EPSS

CVE•added 2024/12/10 9:15 p.m.•41 views

CVE-2024-49550

6.1CVSS5.7AI score0.001EPSS

CVE•added 2018/05/19 5:29 p.m.•40 views

CVE-2018-4921

Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure.

6.1CVSS7.2AI score0.00612EPSS

CVE•added 2024/12/10 9:15 p.m.•40 views

CVE-2024-54045

6.1CVSS6.1AI score0.00219EPSS

CVE•added 2024/12/10 9:15 p.m.•39 views

CVE-2024-54036

9.3CVSS8AI score0.00368EPSS

CVE•added 2024/12/10 9:15 p.m.•39 views

CVE-2024-54047

6.1CVSS5.6AI score0.00219EPSS

CVE•added 2025/05/13 9:16 p.m.•34 views

CVE-2025-30314

Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing t...

6.1CVSS5.8AI score0.00098EPSS

CVE•added 2025/05/13 9:16 p.m.•31 views

CVE-2025-30315

6.1CVSS5.8AI score0.00098EPSS

CVE•added 2025/05/13 9:16 p.m.•31 views

CVE-2025-30316

Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/07/08 10:15 p.m.•7 views

CVE-2025-27203

Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed.

9.6CVSS7.2AI score0.03743EPSS