9 matches found
CVE-2025-27203
CVE-2025-27203 affects Adobe Connect 24.0 and earlier. Issue: Deserialization of untrusted data leading to arbitrary code execution. Exploitation requires user interaction and, per the sources, may change scope. Severity is high: CVSSv3.1 base score 9.6 (CRITICAL). Affected component is the deser...
CVE-2026-27245
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue allows an attacker to lure a user to a crafted URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s browser. The CVSS 3.1 score i...
CVE-2026-34617
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a Cross-Site Scripting (XSS) vulnerability that can lead to privilege escalation. The issue allows a low-privileged attacker to inject scripts into a page, potentially gaining elevated access or control over a victim’s account or s...
CVE-2026-27243
Adobe Connect (versions 2025.3, 12.10 and earlier) contains a reflected Cross-Site Scripting (XSS) vulnerability. An attacker can lure a user to a crafted URL referencing a vulnerable page, enabling arbitrary JavaScript execution in the user’s browser with high impact to confidentiality and integ...
CVE-2026-34614
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a crafted URL referencing a vulnerable page, malicious JavaScript could execute in the victim’s browser. Affected component: Adobe Connect web app...
CVE-2026-27303
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a Deserialization of Untrusted Data vulnerability (CVE-2026-27303) that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. The vulnerability is described as ha...
CVE-2026-34615
Adobe Connect (versions 2025.3, 12.10 and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. Root cause: deserialization of untrusted data. Affec...
CVE-2026-21331
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a URL referencing a vulnerable page, malicious JavaScript may execute in the victim’s browser. This is a user-interaction–required, network-based ...
CVE-2026-27246
CVE-2026-27246 affects Adobe Connect versions 2025.3, 12.10 and earlier. It is a DOM-based Cross-Site Scripting (XSS) vulnerability where an attacker can manipulate the DOM to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction: the victim must visit a cra...