Lucene search
K
AdobeRobohelp

16 matches found

CVE
CVE
added 2022/07/15 3:46 p.m.109 views

CVE-2022-23201

CVE-2022-23201 affects Adobe RoboHelp 2020.0.7 and earlier, with a reflected Cross-Site Scripting (XSS) vulnerability that can execute malicious JavaScript in the victim’s browser when a user visits a crafted URL referencing a vulnerable page. Root cause: insufficient input/output handling in Rob...

6.1CVSS5.7AI score0.00592EPSS
CVE
CVE
added 2017/12/01 8:0 a.m.85 views

CVE-2017-3104

Adobe RoboHelp for Windows is affected by a cross-site scripting (XSS) vulnerability in CVE-2017-3104, impacting versions before RH12.0.4.460 and RH2017 before RH2017.0.2. The underlying issue is input validation, enabling injection of malicious script when handling user data. Mitigation is avail...

6.1CVSS5.9AI score0.0279EPSS
CVE
CVE
added 2007/05/09 10:0 p.m.75 views

CVE-2007-1280

The CVE-2007-1280 entry describes an XSS vulnerability in Adobe RoboHelp X5, X6, and RoboHelp Server 6. The issue allows remote attackers to inject arbitrary script/HTML via a URL that includes a # (hash) in the path, demonstrated with en/frameset-7.html and potentially other vectors involving te...

4.3CVSS7.7AI score0.05556EPSS
CVE
CVE
added 2011/08/11 10:0 p.m.74 views

CVE-2011-2133

Adobe RoboHelp 8/9 (and RoboHelp Server 8/9) are affected by a DOM-based XSS in the URI handling via template_stock/whutils.js, allowing arbitrary script/HTML execution. The issue is documented as CVE-2011-2133; a patch exists to address the vulnerability in RoboHelp/RoboHelp Server prior to 9.0....

4.3CVSS5.8AI score0.02985EPSS
Web
CVE
CVE
added 2021/04/19 12:28 p.m.69 views

CVE-2021-21070

CVE-2021-21070 (Adobe RoboHelp) affects RoboHelp 2020.0.3 and earlier; root cause is an uncontrolled search path element that can enable privilege escalation. An attacker with write access on the host could escalate to higher privileges by exploiting the vulnerable RoboHelp. The issue is reported...

9.3CVSS6.5AI score0.01598EPSS
CVE
CVE
added 2016/04/12 11:0 p.m.62 views

CVE-2016-1035

Adobe RoboHelp Server 9 (before 9.0.1) is affected by an unspecified SQL injection vulnerability due to improper sanitization of user input in SQL queries. An unauthenticated, remote attacker could disclose arbitrary data via unspecified vectors. The issue is associated with APSB16-12, and Adobe ...

7.5CVSS7.3AI score0.03539EPSS
CVE
CVE
added 2017/12/01 8:0 a.m.61 views

CVE-2017-3105

Adobe RoboHelp for Windows is affected by CVE-2017-3105 (Open Redirect). The vulnerability impacts RoboHelp RH before 12.0.4.460 and RH2017 before RH2017.0.2. Underlying issue: open redirection could lead users to a malicious site. Mitigation: patch releases APSB17-25 specify RoboHelp updates to ...

6.1CVSS6.3AI score0.02886EPSS
CVE
CVE
added 2011/05/16 5:0 p.m.60 views

CVE-2011-0613

CVE-2011-0613 involves multiple cross-site scripting (XSS) flaws in RoboHelp 7/8 and RoboHelp Server 7/8. The vulnerabilities are tied to RoboHTML/WildFireExt/TemplateStock components and vectors related to wf_status.htm and wf_topicfs.htm, allowing remote attackers to inject arbitrary script or ...

4.3CVSS5.9AI score0.01732EPSS
CVE
CVE
added 2012/02/15 1:0 a.m.58 views

CVE-2012-0765

Adobe RoboHelp for Word (versions 8 and 9) is affected by multiple XSS vulnerabilities via crafted URLs targeting specific .htm files in template_stock and template_csh directories. The issue can allow remote attackers to execute arbitrary script in the user’s browser. Public references indicate ...

4.3CVSS5.8AI score0.02645EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.56 views

CVE-2013-5327

Adobe RoboHelp 10 is affected by CVE-2013-5327 through MDBMS.dll, which permits arbitrary code execution or memory corruption via unspecified vectors. OpenVAS and Tenable entries reference APSB13-24/APSB13-024 and indicate the vulnerable DLL version is older than 10.0.1.294. Red Hat and CVE datab...

10CVSS7.8AI score0.03836EPSS
CVE
CVE
added 2009/02/26 4:0 p.m.54 views

CVE-2009-0523

Adobe RoboHelp Server 6/7 are affected by multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script via crafted URLs displayed in the Help Errors log. The issues stem from input validation errors in template_stock/whutils.js, Report_Template.asp, r...

4.3CVSS5.8AI score0.02078EPSS
CVE
CVE
added 2009/02/26 4:0 p.m.54 views

CVE-2009-0524

CVE-2009-0524 affects Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7. The connected sources describe multiple input validation errors in template_stock/whutils.js, Report_Template.asp, redirect.asp, and SQL_Lib.asp that enable cross-site scripting via URLs crafted from RoboHelp-produced file...

4.3CVSS5.7AI score0.02146EPSS
CVE
CVE
added 2008/02/15 12:0 a.m.52 views

CVE-2008-0642

CVE-2008-0642 describes a cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, potentially involving WebHelp5 (WebHelp5Ext) or WildFire (WildFireExt) extensions. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors and is...

6.1CVSS5.8AI score0.03931EPSS
CVE
CVE
added 2010/10/26 6:0 p.m.51 views

CVE-2010-2886

CVE-2010-2886 affects Adobe RoboHelp 7/8 and RoboHelp Server 7/8. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Root cause is a vulnerability in how the products handle input/...

4.3CVSS5.8AI score0.01791EPSS
CVE
CVE
added 2010/10/26 6:0 p.m.50 views

CVE-2010-2885

CVE-2010-2885 concerns an XSS vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8. The connected records specify that the vulnerability arises in the WebHelp generation process with RoboHelp for Word, enabling remote attackers to inject arbitrary web script or HTML. Affected prod...

4.3CVSS5.8AI score0.01735EPSS
CVE
CVE
added 2016/12/15 6:31 a.m.48 views

CVE-2016-7891

Adobe RoboHelp is affected by a cross-site scripting (XSS) vulnerability (CVE-2016-7891) in versions 2015.0.3 and earlier, and RoboHelp 11 and earlier, due to input validation issues that could cause script execution in a user’s browser. An unauthenticated, remote attacker could exploit this via ...

6.1CVSS5.9AI score0.032EPSS