Lucene search
K

40 matches found

CVE
CVE
added 2024/12/10 8:42 p.m.72 views

CVE-2024-54037

Adobe Connect is affected by a DOM-based XSS vulnerability in versions 12.6, 11.4.7 and earlier. Exploitation requires user interaction (crafted URL or input) and can lead to arbitrary code execution in the victim’s browser, with potential session takeover and high confidentiality/integrity impac...

8.1CVSS6.9AI score0.00893EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.72 views

CVE-2024-54042

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can trick a victim into visiting a crafted URL, causing malicious JavaScript to run in the victim’s browser. Connected advisories also reference stored...

6.1CVSS5.6AI score0.00439EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.72 views

CVE-2024-54046

Adobe Connect is affected by a reflected XSS vulnerability (CVE-2024-54046) in versions 12.6, 11.4.7 and earlier. An unauthenticated attacker could lure a victim to a crafted URL referencing a vulnerable page, causing arbitrary JavaScript to execute in the user’s browser. Connected advisories con...

6.1CVSS5.9AI score0.00326EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.70 views

CVE-2024-54047

CVE-2024-54047 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect 12.6 and earlier (including 11.4.7 and older). An unauthenticated attacker can persuade a victim to visit a URL referencing a vulnerable page, resulting in execution of malicious JavaScript in the victim’s bro...

6.1CVSS5.6AI score0.00326EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.70 views

CVE-2024-54050

CVE-2024-54050 is an Open Redirect vulnerability affecting Adobe Connect versions 12.6, 11.4.7 and earlier. The issue allows a URL redirection to an untrusted site, enabling attackers to redirect users to malicious websites. Exploitation requires user interaction. Public sources in the connected ...

6.1CVSS6.5AI score0.00444EPSS
CVE
CVE
added 2021/06/28 2:13 p.m.68 views

CVE-2021-28579

Adobe Connect

4.3CVSS4.4AI score0.01088EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.65 views

CVE-2024-54032

CVE-2024-54032 is a stored XSS vulnerability in Adobe Connect affecting 12.6 and 11.4.7 and earlier. The attacker can inject scripts into vulnerable form fields, with potential session takeover and high impact to confidentiality/integrity. Public details come from NVD/NCSC/CNVD entries and the Ad...

9.3CVSS6.8AI score0.00813EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.65 views

CVE-2024-54048

CVE-2024-54048 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect versions 12.6, 11.4.7 and earlier. The flaw allows an unauthenticated attacker to lure a user to a crafted URL, potentially executing malicious JavaScript in the user19s browser. Public sources (NVD, NCSC, CN...

6.1CVSS5.6AI score0.00326EPSS
CVE
CVE
added 2025/05/13 8:32 p.m.65 views

CVE-2025-43567

Adobe Connect 12.8 and earlier are affected by a reflected XSS vulnerability in vulnerable form fields. The issue allows an attacker to inject malicious JavaScript which can be executed in a victim’s browser, potentially enabling session takeover and raising confidentiality and integrity impact. ...

9.3CVSS7.8AI score0.00406EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.62 views

CVE-2024-54044

The CVE-2024-54044 entry refers to Adobe Connect 12.6, 11.4.7 and earlier being affected by a reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can lure a victim to visit a URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s bro...

6.1CVSS5.9AI score0.00326EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.61 views

CVE-2024-54038

Adobe Connect

4.3CVSS5AI score0.00505EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.61 views

CVE-2024-54041

Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability in versions 12.6, 11.4.7 and earlier. The issue allows attackers to inject malicious scripts into vulnerable form fields, with JavaScript executing in the victim’s browser when the page is loaded. Affected products and...

5.4CVSS5.3AI score0.00394EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.61 views

CVE-2024-54043

CVE-2024-54043 concerns Adobe Connect: versions 12.6 and 11.4.7 and earlier are affected by a reflected cross-site scripting (XSS) vulnerability. An unauthenticated attacker can lure a victim to a crafted URL, causing malicious JavaScript to execute in the victim’s browser, potentially in their s...

6.1CVSS5.6AI score0.00326EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.60 views

CVE-2024-54040

Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a stored Cross‑Site Scripting vulnerability (CVE-2024-54040). An attacker could inject malicious scripts into vulnerable form fields, with execution in a victim’s browser when visiting the impacted page. Public references in the pro...

5.4CVSS5.3AI score0.00394EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.60 views

CVE-2024-54051

Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. The issue allows an attacker to redirect users to malicious websites, with exploitation requiring user interaction. The vulnerability is documented as CVE-2024-540...

6.1CVSS6.5AI score0.00444EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.59 views

CVE-2024-49550

CVE-2024-49550 relates to a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect that affects versions 12.6, 11.4.7 and earlier. The issue arises when a victim is lured to visit a URL referencing a vulnerable page, allowing an attacker to execute malicious JavaScript in the victim’...

6.1CVSS5.7AI score0.00507EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.57 views

CVE-2024-54034

CVE-2024-54034 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting versions 12.6, 11.4.7 and earlier. An attacker can lure a victim to a crafted URL, causing malicious JavaScript to execute in the browser and potentially lead to session takeover, with high confident...

9.3CVSS7.8AI score0.00708EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.57 views

CVE-2024-54039

Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability in versions 12.6, 11.4.7 and earlier, where malicious scripts can execute in a user’s browser when loading pages containing vulnerable fields. Root cause: stored XSS in vulnerable form fields. CVSSv3.1 base score 5.4 (...

5.4CVSS5.3AI score0.00394EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.56 views

CVE-2024-54036

Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a stored Cross‑Site Scripting (XSS) vulnerability (CVE-2024-54036). The issue allows injection of malicious scripts into vulnerable form fields and can lead to session takeover; impact on confidentiality and integrity is high. Remed...

9.3CVSS8AI score0.00708EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.54 views

CVE-2024-54049

Adobe Connect CVE-2024-54049 is a reflected Cross-Site Scripting (XSS) vulnerability affecting versions 12.6, 11.4.7 and earlier. The issue arises when a victim is induced to visit a URL that references a vulnerable page, allowing attacker-controlled JavaScript to execute in the victim’s browser ...

6.1CVSS5.7AI score0.00306EPSS
CVE
CVE
added 2024/12/10 8:42 p.m.53 views

CVE-2024-54045

CVE-2024-54045 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting 12.6 and earlier, including 11.4.7 and earlier. The issue is documented across multiple sources (NVD entry and related advisories). The vulnerability allows an unauthenticated attacker to lure a vict...

6.1CVSS6.1AI score0.00326EPSS
CVE
CVE
added 2025/05/13 8:32 p.m.49 views

CVE-2025-30314

CVE-2025-30314 (Adobe Connect) affects Adobe Connect versions 12.8 and earlier due to a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The underlying issue allows an attacker to inject malicious scripts, which may execute in a victim’s browser when they load the page c...

6.1CVSS5.8AI score0.0029EPSS
CVE
CVE
added 2025/05/13 8:32 p.m.47 views

CVE-2025-30316

Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing a low‑privileged attacker to inject malicious JavaScript and have it executed when a user visits the affected page. Root cause is a stored XSS in input/for...

5.4CVSS5AI score0.0022EPSS
CVE
CVE
added 2025/05/13 8:32 p.m.44 views

CVE-2025-30315

Summary: Adobe Connect versions ≤ 12.8 are vulnerable to a stored XSS in vulnerable form fields, allowing injected JavaScript to run in a victim’s browser when visiting the affected page. Impact (as stated): stored XSS with potential for script execution in the user context. Affected components: ...

6.1CVSS5.8AI score0.00235EPSS
CVE
CVE
added 2023/09/15 8:39 a.m.41 views

CVE-2023-4665

CVE-2023-4665 describes an Incorrect Execution-Assigned Permissions vulnerability in Saphira Connect (pre-9.x), enabling Privilege Escalation due to permission misconfigurations. Affected product is stated as Saphira Connect; the vulnerability affects versions before 9. The available documents do...

8.8CVSS7.3AI score0.0105EPSS
CVE
CVE
added 2023/09/15 8:34 a.m.40 views

CVE-2023-4661

CVE-2023-4661 affects Saphira Connect versions prior to 9, due to improper neutralization of certain elements in SQL commands (SQL injection). The vulnerability is characterized as a high-severity, network-exploitable issue with a CVSS v3.1 base score of 9.8 (C:H, I:H, A:H; AV:N, AC:L, PR:N, UI:N...

9.8CVSS7.4AI score0.00812EPSS
CVE
CVE
added 2023/09/15 8:37 a.m.36 views

CVE-2023-4663

CVE-2023-4663 concerns a reflected XSS vulnerability in Saphira Connect prior to version 9. The issue is caused by improper neutralization of script-related HTML tags in web pages, enabling potential script execution in a user browser when interacting with affected pages. The CVSS data (AV:N/AC:L...

6.1CVSS6.4AI score0.00784EPSS
CVE
CVE
added 2023/09/15 8:38 a.m.36 views

CVE-2023-4664

CVE-2023-4664 affects Saphira Connect prior to version 9. The root cause described across connected sources is incorrect default permissions that enable privilege escalation. Impact is reported as high (confidentiality, integrity, and availability affected) with network attack vector and low atta...

8.8CVSS7.3AI score0.00809EPSS
CVE
CVE
added 2023/09/15 8:36 a.m.31 views

CVE-2023-4662

CVE-2023-4662 involves an Execution with Unnecessary Privileges vulnerability in Saphira Connect (mobile app for Saphira Connect, Inc.). The issue affects versions prior to 9 and enables a Remote Code Inclusion vulnerability due to insufficient privilege checks. Public sources describe potential ...

9.8CVSS7.3AI score0.01187EPSS
CVE
CVE
added 2025/10/14 9:53 p.m.22 views

CVE-2025-49552

Adobe Connect is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability in versions 12.9 and earlier. The issue is caused by improper handling/validation of user input, enabling a high-privileged attacker to execute scripts in a victim’s browser and potentially hijack a session. Exploit...

8.1CVSS5.5AI score0.00365EPSS
CVE
CVE
added 2025/10/14 9:53 p.m.20 views

CVE-2025-49553

Summary of CVE-2025-49553 : Adobe Connect versions 12.9 and earlier are affected by a DOM-based XSS vulnerability that can lead to session takeover and leakage of confidential data when a user navigates to a crafted page. Concurrent connected sources confirm exploit code exists publicly on multip...

9.3CVSS5.5AI score0.00557EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.18 views

CVE-2026-27245

Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue allows an attacker to lure a user to a crafted URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s browser. The CVSS 3.1 score i...

9.3CVSS5.2AI score0.00304EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.17 views

CVE-2026-34617

Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a Cross-Site Scripting (XSS) vulnerability that can lead to privilege escalation. The issue allows a low-privileged attacker to inject scripts into a page, potentially gaining elevated access or control over a victim’s account or s...

8.7CVSS5.8AI score0.00308EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.16 views

CVE-2026-27243

Adobe Connect (versions 2025.3, 12.10 and earlier) contains a reflected Cross-Site Scripting (XSS) vulnerability. An attacker can lure a user to a crafted URL referencing a vulnerable page, enabling arbitrary JavaScript execution in the user’s browser with high impact to confidentiality and integ...

9.3CVSS5.2AI score0.00304EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.14 views

CVE-2026-34614

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a crafted URL referencing a vulnerable page, malicious JavaScript could execute in the victim’s browser. Affected component: Adobe Connect web app...

6.1CVSS5.7AI score0.00187EPSS
CVE
CVE
added 2025/10/14 9:53 p.m.13 views

CVE-2025-54196

Adobe Connect suffers a URL Redirection to Untrusted Site vulnerability affecting version 12.9 and earlier. The issue allows an attacker to lure a user into opening a crafted link, triggering a redirect to a malicious site. Exploitation requires user interaction, and the underlying exposure is Op...

6.1CVSS6AI score0.00268EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.12 views

CVE-2026-21331

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a URL referencing a vulnerable page, malicious JavaScript may execute in the victim’s browser. This is a user-interaction–required, network-based ...

6.1CVSS5.7AI score0.00225EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.12 views

CVE-2026-34615

Adobe Connect (versions 2025.3, 12.10 and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. Root cause: deserialization of untrusted data. Affec...

9.3CVSS6.3AI score0.00629EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.11 views

CVE-2026-27246

CVE-2026-27246 affects Adobe Connect versions 2025.3, 12.10 and earlier. It is a DOM-based Cross-Site Scripting (XSS) vulnerability where an attacker can manipulate the DOM to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction: the victim must visit a cra...

9.3CVSS5.2AI score0.00304EPSS
CVE
CVE
added 2026/04/14 5:33 p.m.11 views

CVE-2026-27303

Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a Deserialization of Untrusted Data vulnerability (CVE-2026-27303) that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. The vulnerability is described as ha...

9.6CVSS6.2AI score0.00613EPSS