40 matches found
CVE-2024-54037
Adobe Connect is affected by a DOM-based XSS vulnerability in versions 12.6, 11.4.7 and earlier. Exploitation requires user interaction (crafted URL or input) and can lead to arbitrary code execution in the victim’s browser, with potential session takeover and high confidentiality/integrity impac...
CVE-2024-54042
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can trick a victim into visiting a crafted URL, causing malicious JavaScript to run in the victim’s browser. Connected advisories also reference stored...
CVE-2024-54046
Adobe Connect is affected by a reflected XSS vulnerability (CVE-2024-54046) in versions 12.6, 11.4.7 and earlier. An unauthenticated attacker could lure a victim to a crafted URL referencing a vulnerable page, causing arbitrary JavaScript to execute in the user’s browser. Connected advisories con...
CVE-2024-54047
CVE-2024-54047 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect 12.6 and earlier (including 11.4.7 and older). An unauthenticated attacker can persuade a victim to visit a URL referencing a vulnerable page, resulting in execution of malicious JavaScript in the victim’s bro...
CVE-2024-54050
CVE-2024-54050 is an Open Redirect vulnerability affecting Adobe Connect versions 12.6, 11.4.7 and earlier. The issue allows a URL redirection to an untrusted site, enabling attackers to redirect users to malicious websites. Exploitation requires user interaction. Public sources in the connected ...
CVE-2021-28579
Adobe Connect
CVE-2024-54032
CVE-2024-54032 is a stored XSS vulnerability in Adobe Connect affecting 12.6 and 11.4.7 and earlier. The attacker can inject scripts into vulnerable form fields, with potential session takeover and high impact to confidentiality/integrity. Public details come from NVD/NCSC/CNVD entries and the Ad...
CVE-2024-54048
CVE-2024-54048 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect versions 12.6, 11.4.7 and earlier. The flaw allows an unauthenticated attacker to lure a user to a crafted URL, potentially executing malicious JavaScript in the user19s browser. Public sources (NVD, NCSC, CN...
CVE-2025-43567
Adobe Connect 12.8 and earlier are affected by a reflected XSS vulnerability in vulnerable form fields. The issue allows an attacker to inject malicious JavaScript which can be executed in a victim’s browser, potentially enabling session takeover and raising confidentiality and integrity impact. ...
CVE-2024-54044
The CVE-2024-54044 entry refers to Adobe Connect 12.6, 11.4.7 and earlier being affected by a reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can lure a victim to visit a URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s bro...
CVE-2024-54038
Adobe Connect
CVE-2024-54041
Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability in versions 12.6, 11.4.7 and earlier. The issue allows attackers to inject malicious scripts into vulnerable form fields, with JavaScript executing in the victim’s browser when the page is loaded. Affected products and...
CVE-2024-54043
CVE-2024-54043 concerns Adobe Connect: versions 12.6 and 11.4.7 and earlier are affected by a reflected cross-site scripting (XSS) vulnerability. An unauthenticated attacker can lure a victim to a crafted URL, causing malicious JavaScript to execute in the victim’s browser, potentially in their s...
CVE-2024-54040
Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a stored Cross‑Site Scripting vulnerability (CVE-2024-54040). An attacker could inject malicious scripts into vulnerable form fields, with execution in a victim’s browser when visiting the impacted page. Public references in the pro...
CVE-2024-54051
Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. The issue allows an attacker to redirect users to malicious websites, with exploitation requiring user interaction. The vulnerability is documented as CVE-2024-540...
CVE-2024-49550
CVE-2024-49550 relates to a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect that affects versions 12.6, 11.4.7 and earlier. The issue arises when a victim is lured to visit a URL referencing a vulnerable page, allowing an attacker to execute malicious JavaScript in the victim’...
CVE-2024-54034
CVE-2024-54034 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting versions 12.6, 11.4.7 and earlier. An attacker can lure a victim to a crafted URL, causing malicious JavaScript to execute in the browser and potentially lead to session takeover, with high confident...
CVE-2024-54039
Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability in versions 12.6, 11.4.7 and earlier, where malicious scripts can execute in a user’s browser when loading pages containing vulnerable fields. Root cause: stored XSS in vulnerable form fields. CVSSv3.1 base score 5.4 (...
CVE-2024-54036
Adobe Connect (versions 12.6, 11.4.7 and earlier) is affected by a stored Cross‑Site Scripting (XSS) vulnerability (CVE-2024-54036). The issue allows injection of malicious scripts into vulnerable form fields and can lead to session takeover; impact on confidentiality and integrity is high. Remed...
CVE-2024-54049
Adobe Connect CVE-2024-54049 is a reflected Cross-Site Scripting (XSS) vulnerability affecting versions 12.6, 11.4.7 and earlier. The issue arises when a victim is induced to visit a URL that references a vulnerable page, allowing attacker-controlled JavaScript to execute in the victim’s browser ...
CVE-2024-54045
CVE-2024-54045 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting 12.6 and earlier, including 11.4.7 and earlier. The issue is documented across multiple sources (NVD entry and related advisories). The vulnerability allows an unauthenticated attacker to lure a vict...
CVE-2025-30314
CVE-2025-30314 (Adobe Connect) affects Adobe Connect versions 12.8 and earlier due to a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The underlying issue allows an attacker to inject malicious scripts, which may execute in a victim’s browser when they load the page c...
CVE-2025-30316
Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing a low‑privileged attacker to inject malicious JavaScript and have it executed when a user visits the affected page. Root cause is a stored XSS in input/for...
CVE-2025-30315
Summary: Adobe Connect versions ≤ 12.8 are vulnerable to a stored XSS in vulnerable form fields, allowing injected JavaScript to run in a victim’s browser when visiting the affected page. Impact (as stated): stored XSS with potential for script execution in the user context. Affected components: ...
CVE-2023-4665
CVE-2023-4665 describes an Incorrect Execution-Assigned Permissions vulnerability in Saphira Connect (pre-9.x), enabling Privilege Escalation due to permission misconfigurations. Affected product is stated as Saphira Connect; the vulnerability affects versions before 9. The available documents do...
CVE-2023-4661
CVE-2023-4661 affects Saphira Connect versions prior to 9, due to improper neutralization of certain elements in SQL commands (SQL injection). The vulnerability is characterized as a high-severity, network-exploitable issue with a CVSS v3.1 base score of 9.8 (C:H, I:H, A:H; AV:N, AC:L, PR:N, UI:N...
CVE-2023-4663
CVE-2023-4663 concerns a reflected XSS vulnerability in Saphira Connect prior to version 9. The issue is caused by improper neutralization of script-related HTML tags in web pages, enabling potential script execution in a user browser when interacting with affected pages. The CVSS data (AV:N/AC:L...
CVE-2023-4664
CVE-2023-4664 affects Saphira Connect prior to version 9. The root cause described across connected sources is incorrect default permissions that enable privilege escalation. Impact is reported as high (confidentiality, integrity, and availability affected) with network attack vector and low atta...
CVE-2023-4662
CVE-2023-4662 involves an Execution with Unnecessary Privileges vulnerability in Saphira Connect (mobile app for Saphira Connect, Inc.). The issue affects versions prior to 9 and enables a Remote Code Inclusion vulnerability due to insufficient privilege checks. Public sources describe potential ...
CVE-2025-49552
Adobe Connect is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability in versions 12.9 and earlier. The issue is caused by improper handling/validation of user input, enabling a high-privileged attacker to execute scripts in a victim’s browser and potentially hijack a session. Exploit...
CVE-2025-49553
Summary of CVE-2025-49553 : Adobe Connect versions 12.9 and earlier are affected by a DOM-based XSS vulnerability that can lead to session takeover and leakage of confidential data when a user navigates to a crafted page. Concurrent connected sources confirm exploit code exists publicly on multip...
CVE-2026-27245
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue allows an attacker to lure a user to a crafted URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s browser. The CVSS 3.1 score i...
CVE-2026-34617
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a Cross-Site Scripting (XSS) vulnerability that can lead to privilege escalation. The issue allows a low-privileged attacker to inject scripts into a page, potentially gaining elevated access or control over a victim’s account or s...
CVE-2026-27243
Adobe Connect (versions 2025.3, 12.10 and earlier) contains a reflected Cross-Site Scripting (XSS) vulnerability. An attacker can lure a user to a crafted URL referencing a vulnerable page, enabling arbitrary JavaScript execution in the user’s browser with high impact to confidentiality and integ...
CVE-2026-34614
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a crafted URL referencing a vulnerable page, malicious JavaScript could execute in the victim’s browser. Affected component: Adobe Connect web app...
CVE-2025-54196
Adobe Connect suffers a URL Redirection to Untrusted Site vulnerability affecting version 12.9 and earlier. The issue allows an attacker to lure a user into opening a crafted link, triggering a redirect to a malicious site. Exploitation requires user interaction, and the underlying exposure is Op...
CVE-2026-21331
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a user is convinced to visit a URL referencing a vulnerable page, malicious JavaScript may execute in the victim’s browser. This is a user-interaction–required, network-based ...
CVE-2026-34615
Adobe Connect (versions 2025.3, 12.10 and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. Root cause: deserialization of untrusted data. Affec...
CVE-2026-27246
CVE-2026-27246 affects Adobe Connect versions 2025.3, 12.10 and earlier. It is a DOM-based Cross-Site Scripting (XSS) vulnerability where an attacker can manipulate the DOM to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction: the victim must visit a cra...
CVE-2026-27303
Adobe Connect (versions 2025.3, 12.10 and earlier) is affected by a Deserialization of Untrusted Data vulnerability (CVE-2026-27303) that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. The vulnerability is described as ha...