Lucene search
K
AdobeConnect

74 matches found

CVE
CVE
added 2023/02/17 12:0 a.m.144 views

CVE-2023-22232

Adobe Connect versions 11.4.5 and earlier, 12.1.5 and earlier are affected by an Improper Access Control vulnerability that could bypass a security feature. An unauthenticated attacker could exploit the system/download endpoint to download arbitrary files, impacting confidentiality and potentiall...

5.3CVSS4.9AI score0.81875EPSS
Web
CVE
CVE
added 2021/10/21 7:33 p.m.88 views

CVE-2021-40719

Adobe Connect CVE-2021-40719 affects version 11.2.3 and earlier. The issue is a Deserialization of Untrusted Data in AMF message handling on the server, enabling arbitrary method invocation and remote code execution. Documents indicate high to critical impact (CVSSv3 base 9.8, high/partial in oth...

9.8CVSS8.3AI score0.03419EPSS
CVE
CVE
added 2023/09/13 8:27 a.m.74 views

CVE-2023-29305

Adobe Connect is affected by a reflected XSS in versions 12.3 and earlier. The vulnerability arises in how URLs referencing vulnerable pages may execute malicious JavaScript in the victim’s browser. Adobe’s advisory APSB23-33 fixes multiple vulnerabilities by updating Connect to 12.4.1 (and relat...

6.1CVSS5.8AI score0.00403EPSS
CVE
CVE
added 2017/07/14 5:0 a.m.73 views

CVE-2017-3102

Adobe Connect versions 9.6.1 and earlier are affected by a reflected cross-site scripting vulnerability (CVE-2017-3102). The issue is described in the APSB17-22 advisory as a vulnerability in input handling that enables reflected XSS; the related OpenVAS/Nessus entries corroborate multiple vulner...

6.1CVSS5.9AI score0.02885EPSS
CVE
CVE
added 2018/05/19 5:0 p.m.72 views

CVE-2018-4923

CVE-2018-4923 affects Adobe Connect versions 9.7 and earlier. The vulnerability is an OS command injection in the Adobe Connect URI handler, enabling exploitation that could lead to arbitrary file deletion. Published references confirm this issue and connect it with APSB18-06 updates, which addre...

9.1CVSS9.1AI score0.09546EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.72 views

CVE-2024-54042

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can trick a victim into visiting a crafted URL, causing malicious JavaScript to run in the victim’s browser. Connected advisories also reference stored...

6.1CVSS5.6AI score0.0043EPSS
CVE
CVE
added 2021/10/15 2:22 p.m.71 views

CVE-2021-40721

CVE-2021-40721 affects Adobe Connect 11.2.3 and earlier. The flaw is a reflected Cross-Site Scripting (XSS) vulnerability: if a user is lured to a URL referencing a vulnerable page, attacker-supplied JavaScript can execute in the victim’s browser. The issue is documented as part of APSB21-91; rem...

6.1CVSS5.7AI score0.00976EPSS
CVE
CVE
added 2017/07/14 5:0 a.m.70 views

CVE-2017-3101

CVE-2017-3101 affects Adobe Connect for Windows (Adobe Connect 9.6.1 and earlier). The vulnerability is described as a UI redressing/clickjacking issue, where exploitation could lead to a clickjacking attack. The linked advisories note that this CVE, along with CVE-2017-3102 and CVE-2017-3103, wa...

7.5CVSS7.2AI score0.05614EPSS
CVE
CVE
added 2021/03/12 6:14 p.m.70 views

CVE-2021-21085

CVE-2021-21085 affects Adobe Connect 11.0.7 and earlier, via an Input Validation vulnerability in the export feature. An attacker can inject a payload into an online event form and achieve code execution if the victim exports and opens the data locally. The issue is documented across multiple sou...

7.8CVSS7.6AI score0.03738EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.70 views

CVE-2024-54037

Adobe Connect is affected by a DOM-based XSS vulnerability in versions 12.6, 11.4.7 and earlier. Exploitation requires user interaction (crafted URL or input) and can lead to arbitrary code execution in the victim’s browser, with potential session takeover and high confidentiality/integrity impac...

8.1CVSS6.9AI score0.00893EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.69 views

CVE-2017-11291

Adobe Connect 9.6.2 and earlier is affected by CVE-2017-11291, a Server-Side Request Forgery (SSRF) vulnerability that could bypass network access controls. The issue is documented across multiple sources: the NVD entry for CVE-2017-11291 (CVSS v3: 10.0, NETWORK, HIGH impact on confidentiality/ i...

10CVSS9.3AI score0.05549EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.69 views

CVE-2024-54046

Adobe Connect is affected by a reflected XSS vulnerability (CVE-2024-54046) in versions 12.6, 11.4.7 and earlier. An unauthenticated attacker could lure a victim to a crafted URL referencing a vulnerable page, causing arbitrary JavaScript to execute in the user’s browser. Connected advisories con...

6.1CVSS5.9AI score0.0032EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.69 views

CVE-2024-54047

CVE-2024-54047 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect 12.6 and earlier (including 11.4.7 and older). An unauthenticated attacker can persuade a victim to visit a URL referencing a vulnerable page, resulting in execution of malicious JavaScript in the victim’s bro...

6.1CVSS5.6AI score0.0032EPSS
CVE
CVE
added 2017/07/14 5:0 a.m.67 views

CVE-2017-3103

Adobe Connect 9.6.1 and earlier are affected by a stored cross-site scripting (XSS) vulnerability (CVE-2017-3103). Exploitation could lead to malicious script execution when viewing injected content. The issue is part of APSB17-22 and is mitigated by updating to Adobe Connect 9.6.2 or later, as r...

6.1CVSS5.9AI score0.03343EPSS
CVE
CVE
added 2021/03/12 6:9 p.m.67 views

CVE-2021-21079

Adobe Connect 11.0.7 and earlier are affected by a reflected Cross‑Site Scripting (XSS) vulnerability (CVE‑2021‑21079) in a vulnerable field; attackers could inject JavaScript executed in the victim’s browser. The issue is documented in APSB21‑19 and NVD/NIST records. Remediation is available: Ad...

6.1CVSS5.7AI score0.01125EPSS
CVE
CVE
added 2021/03/12 6:12 p.m.67 views

CVE-2021-21080

Adobe Connect 11.0.7 and earlier are affected by a reflected cross-site scripting (XSS) vulnerability, exposed via a vulnerable query parameter. An attacker could inject JavaScript executed in the victim’s browser when visiting the affected page. Fixed in later updates; remediation is to upgrade ...

6.1CVSS5.7AI score0.01188EPSS
CVE
CVE
added 2021/06/28 2:13 p.m.67 views

CVE-2021-28579

Adobe Connect

4.3CVSS4.4AI score0.01088EPSS
CVE
CVE
added 2018/05/19 5:0 p.m.66 views

CVE-2018-4994

CVE-2018-4994 affects Adobe Connect 9.7.5 and earlier, with an exploitable authentication bypass leading to potential sensitive information disclosure. Connected sources confirm multiple advisories (APSB18-22) and the vendor update that fixes these issues in versions released after 9.7.5, notably...

7.5CVSS7.4AI score0.099EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.66 views

CVE-2024-54050

CVE-2024-54050 is an Open Redirect vulnerability affecting Adobe Connect versions 12.6, 11.4.7 and earlier. The issue allows a URL redirection to an untrusted site, enabling attackers to redirect users to malicious websites. Exploitation requires user interaction. Public sources in the connected ...

6.1CVSS6.5AI score0.00435EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.65 views

CVE-2024-54032

CVE-2024-54032 is a stored XSS vulnerability in Adobe Connect affecting 12.6 and 11.4.7 and earlier. The attacker can inject scripts into vulnerable form fields, with potential session takeover and high impact to confidentiality/integrity. Public details come from NVD/NCSC/CNVD entries and the Ad...

9.3CVSS6.8AI score0.00798EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.65 views

CVE-2024-54048

CVE-2024-54048 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect versions 12.6, 11.4.7 and earlier. The flaw allows an unauthenticated attacker to lure a user to a crafted URL, potentially executing malicious JavaScript in the user19s browser. Public sources (NVD, NCSC, CN...

6.1CVSS5.6AI score0.0032EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.64 views

CVE-2021-36062

Adobe Connect

6.1CVSS5.5AI score0.0135EPSS
CVE
CVE
added 2021/09/01 2:34 p.m.64 views

CVE-2021-36063

Adobe Connect 11.2.2 and earlier are affected by a Reflected Cross‑site Scripting vulnerability (CVE-2021-36063) in vulnerable form fields, potentially allowing an attacker to inject and execute malicious JavaScript in a victim’s browser when visiting a page containing the vulnerable field. Conne...

6.1CVSS5.6AI score0.0135EPSS
CVE
CVE
added 2025/05/13 8:32 p.m.64 views

CVE-2025-43567

Adobe Connect 12.8 and earlier are affected by a reflected XSS vulnerability in vulnerable form fields. The issue allows an attacker to inject malicious JavaScript which can be executed in a victim’s browser, potentially enabling session takeover and raising confidentiality and integrity impact. ...

9.3CVSS7.8AI score0.00406EPSS
CVE
CVE
added 2018/07/20 7:0 p.m.63 views

CVE-2018-12805

Adobe Connect 9.7.5 and earlier are affected by an Insecure Library Loading vulnerability (CVE-2018-12805) in the Add-in Installer, where insecure DLL loading could be abused to escalate local privileges. Connected advisories note this is part of APSB18-22, which also covers other issues in Conne...

9.8CVSS9.3AI score0.04131EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.62 views

CVE-2021-36061

Adobe Connect 11.2.2 and earlier is affected by a secure design principles violation (pbMode) that allows editing/deleting recordings. Exploitation requires a victim to publish a link, and attacker is unauthenticated. Remediation: apply APSB21-66 update to 11.2.3 or later (per sources noting 11.2...

5.4CVSS5.4AI score0.01568EPSS
CVE
CVE
added 2023/09/13 8:27 a.m.62 views

CVE-2023-29306

Adobe Connect

6.1CVSS5.8AI score0.00403EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.62 views

CVE-2024-54044

The CVE-2024-54044 entry refers to Adobe Connect 12.6, 11.4.7 and earlier being affected by a reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can lure a victim to visit a URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s bro...

6.1CVSS5.9AI score0.0032EPSS
CVE
CVE
added 2015/06/13 3:0 p.m.61 views

CVE-2015-0343

CVE-2015-0343 describes a reflected XSS in Adobe Connect (admin/home/homepage/search) prior to 9.4. The vulnerability enables arbitrary script execution via the query parameter, with CVSS v2 base score 4.3 (Medium). Affected versions include Adobe Connect before 9.4 (notably 9.3 per OpenVAS/Packe...

4.3CVSS5.7AI score0.03194EPSS
Web
CVE
CVE
added 2016/05/30 1:0 a.m.61 views

CVE-2016-4118

Summary of CVE-2016-4118 : Adobe Connect Add-In for Windows is affected by an untrusted search path vulnerability in its installer. The issue allows local privilege escalation due to the installer’s search path handling, affecting installations prior to version 11.9.976.291. The vulnerability ste...

7.8CVSS7.5AI score0.00904EPSS
CVE
CVE
added 2016/11/08 5:45 p.m.61 views

CVE-2016-7851

Adobe Connect versions 9.5.6 and earlier are affected by an input validation flaw in the events registration module that could enable cross-site scripting (XSS). This vulnerability is addressed by Adobe in APSB16-35, with a patch released for the product (notably 9.5.7 and newer per advisories). ...

6.1CVSS5.8AI score0.07007EPSS
Web
CVE
CVE
added 2024/12/10 8:42 p.m.61 views

CVE-2024-54038

Adobe Connect

4.3CVSS5AI score0.00495EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.60 views

CVE-2017-11289

Vulnerability context (CVE-2017-11289) : Adobe Connect 9.6.2 and earlier is affected by a reflected cross-site scripting vulnerability that can lead to information disclosure (inputs are not properly sanitized before being displayed). The issue is documented across multiple sources in the CVE eco...

6.1CVSS6.9AI score0.02921EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.60 views

CVE-2024-54041

Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability in versions 12.6, 11.4.7 and earlier. The issue allows attackers to inject malicious scripts into vulnerable form fields, with JavaScript executing in the victim’s browser when the page is loaded. Affected products and...

5.4CVSS5.3AI score0.00387EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.60 views

CVE-2024-54043

CVE-2024-54043 concerns Adobe Connect: versions 12.6 and 11.4.7 and earlier are affected by a reflected cross-site scripting (XSS) vulnerability. An unauthenticated attacker can lure a victim to a crafted URL, causing malicious JavaScript to execute in the victim’s browser, potentially in their s...

6.1CVSS5.6AI score0.0032EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.59 views

CVE-2024-54051

Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. The issue allows an attacker to redirect users to malicious websites, with exploitation requiring user interaction. The vulnerability is documented as CVE-2024-540...

6.1CVSS6.5AI score0.00435EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.58 views

CVE-2017-11290

Adobe Connect 9.6.2 and earlier are affected by multiple vulnerabilities described in APSB17-35. The issues include: (1) SSRF bypassing network controls (CVE-2017-11291), (2) reflected XSS vulnerabilities (CVE-2017-11287, CVE-2017-11288, CVE-2017-11289), and (3) a UI redress/clickjacking vulnerab...

6.1CVSS7.5AI score0.03021EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.58 views

CVE-2024-49550

CVE-2024-49550 relates to a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect that affects versions 12.6, 11.4.7 and earlier. The issue arises when a victim is lured to visit a URL referencing a vulnerable page, allowing an attacker to execute malicious JavaScript in the victim’...

6.1CVSS5.7AI score0.00498EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.58 views

CVE-2024-54040

Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a stored Cross‑Site Scripting vulnerability (CVE-2024-54040). An attacker could inject malicious scripts into vulnerable form fields, with execution in a victim’s browser when visiting the impacted page. Public references in the pro...

5.4CVSS5.3AI score0.00387EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.57 views

CVE-2017-11287

Adobe Connect 9.6.2 and earlier versions are affected by a reflected cross-site scripting (XSS) vulnerability (CVE-2017-11287) that can lead to information disclosure. The issue arises from insufficient input filtering of user-supplied HTML. Evidence from multiple sources confirms affected produc...

6.1CVSS6.9AI score0.02921EPSS
CVE
CVE
added 2018/07/20 7:0 p.m.57 views

CVE-2018-12804

CVE-2018-12804 affects Adobe Connect 9.7.5 and earlier, due to inadequate validation of meeting session tokens, leading to an Authentication Bypass and potential session hijacking. Nessus/ThreatPost corroborate the vulnerability as part of APSB18-22, which also addresses a corresponding session-m...

9.8CVSS9.3AI score0.11475EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.57 views

CVE-2024-54034

CVE-2024-54034 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting versions 12.6, 11.4.7 and earlier. An attacker can lure a victim to a crafted URL, causing malicious JavaScript to execute in the browser and potentially lead to session takeover, with high confident...

9.3CVSS7.8AI score0.00694EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.56 views

CVE-2017-11288

CVE-2017-11288 is a reflected cross-site scripting vulnerability in Adobe Connect 9.6.2 and earlier. The issue arises from improper handling/filtering of HTML in user-supplied input, enabling information disclosure. The affected software is Adobe Connect; the root cause is input handling leading ...

6.1CVSS6.9AI score0.02921EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.56 views

CVE-2024-54036

Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a stored Cross‑Site Scripting (XSS) vulnerability (CVE-2024-54036). The issue allows injection of malicious scripts into vulnerable form fields and can lead to session takeover; impact on confidentiality and integrity is high. Remed...

9.3CVSS8AI score0.00694EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.56 views

CVE-2024-54039

Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability in versions 12.6, 11.4.7 and earlier, where malicious scripts can execute in a user’s browser when loading pages containing vulnerable fields. Root cause: stored XSS in vulnerable form fields. CVSSv3.1 base score 5.4 (...

5.4CVSS5.3AI score0.00387EPSS
CVE
CVE
added 2016/02/10 8:0 p.m.54 views

CVE-2016-0948

CVE-2016-0948 is an Adobe Connect CSRF vulnerability affecting Adobe Connect prior to 9.5.2. It allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. The documented remediation is Adobe’s APSB16-07 security update, which addresses input validation/conten...

8.8CVSS9.2AI score0.01879EPSS
CVE
CVE
added 2016/02/10 8:0 p.m.53 views

CVE-2016-0949

Adobe Connect before 9.5.2 is vulnerable: a crafted URL parameter can cause an unspecified impact. Multiple sources (NVD, CNVD, OpenVAS entry) confirm the affected product/version and the exposure is network-based with high risk per CVSS. Remediation per the APSB16-07 advisory is to apply the sec...

10CVSS9.3AI score0.04424EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.53 views

CVE-2024-54045

CVE-2024-54045 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting 12.6 and earlier, including 11.4.7 and earlier. The issue is documented across multiple sources (NVD entry and related advisories). The vulnerability allows an unauthenticated attacker to lure a vict...

6.1CVSS6.1AI score0.0032EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.53 views

CVE-2024-54049

Adobe Connect CVE-2024-54049 is a reflected Cross-Site Scripting (XSS) vulnerability affecting versions 12.6, 11.4.7 and earlier. The issue arises when a victim is induced to visit a URL that references a vulnerable page, allowing attacker-controlled JavaScript to execute in the victim’s browser ...

6.1CVSS5.7AI score0.003EPSS
CVE
CVE
added 2019/01/18 5:0 p.m.52 views

CVE-2018-19718

Adobe Connect 9.8.1 and earlier are affected by CVE-2018-19718, a session token exposure vulnerability that could lead to exposure of the privileges granted to a session. Affected product: Adobe Connect (versions 9.8.1 and earlier). Root cause: session token exposure. Impact: potential leakage of...

5.3CVSS5.1AI score0.03449EPSS
Total number of security vulnerabilities74