16 matches found
CVE-2022-23201
CVE-2022-23201 affects Adobe RoboHelp 2020.0.7 and earlier, with a reflected Cross-Site Scripting (XSS) vulnerability that can execute malicious JavaScript in the victim’s browser when a user visits a crafted URL referencing a vulnerable page. Root cause: insufficient input/output handling in Rob...
CVE-2017-3104
Adobe RoboHelp for Windows is affected by a cross-site scripting (XSS) vulnerability in CVE-2017-3104, impacting versions before RH12.0.4.460 and RH2017 before RH2017.0.2. The underlying issue is input validation, enabling injection of malicious script when handling user data. Mitigation is avail...
CVE-2007-1280
The CVE-2007-1280 entry describes an XSS vulnerability in Adobe RoboHelp X5, X6, and RoboHelp Server 6. The issue allows remote attackers to inject arbitrary script/HTML via a URL that includes a # (hash) in the path, demonstrated with en/frameset-7.html and potentially other vectors involving te...
CVE-2011-2133
Adobe RoboHelp 8/9 (and RoboHelp Server 8/9) are affected by a DOM-based XSS in the URI handling via template_stock/whutils.js, allowing arbitrary script/HTML execution. The issue is documented as CVE-2011-2133; a patch exists to address the vulnerability in RoboHelp/RoboHelp Server prior to 9.0....
CVE-2021-21070
CVE-2021-21070 (Adobe RoboHelp) affects RoboHelp 2020.0.3 and earlier; root cause is an uncontrolled search path element that can enable privilege escalation. An attacker with write access on the host could escalate to higher privileges by exploiting the vulnerable RoboHelp. The issue is reported...
CVE-2016-1035
Adobe RoboHelp Server 9 (before 9.0.1) is affected by an unspecified SQL injection vulnerability due to improper sanitization of user input in SQL queries. An unauthenticated, remote attacker could disclose arbitrary data via unspecified vectors. The issue is associated with APSB16-12, and Adobe ...
CVE-2017-3105
Adobe RoboHelp for Windows is affected by CVE-2017-3105 (Open Redirect). The vulnerability impacts RoboHelp RH before 12.0.4.460 and RH2017 before RH2017.0.2. Underlying issue: open redirection could lead users to a malicious site. Mitigation: patch releases APSB17-25 specify RoboHelp updates to ...
CVE-2011-0613
CVE-2011-0613 involves multiple cross-site scripting (XSS) flaws in RoboHelp 7/8 and RoboHelp Server 7/8. The vulnerabilities are tied to RoboHTML/WildFireExt/TemplateStock components and vectors related to wf_status.htm and wf_topicfs.htm, allowing remote attackers to inject arbitrary script or ...
CVE-2012-0765
Adobe RoboHelp for Word (versions 8 and 9) is affected by multiple XSS vulnerabilities via crafted URLs targeting specific .htm files in template_stock and template_csh directories. The issue can allow remote attackers to execute arbitrary script in the user’s browser. Public references indicate ...
CVE-2013-5327
Adobe RoboHelp 10 is affected by CVE-2013-5327 through MDBMS.dll, which permits arbitrary code execution or memory corruption via unspecified vectors. OpenVAS and Tenable entries reference APSB13-24/APSB13-024 and indicate the vulnerable DLL version is older than 10.0.1.294. Red Hat and CVE datab...
CVE-2009-0523
Adobe RoboHelp Server 6/7 are affected by multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script via crafted URLs displayed in the Help Errors log. The issues stem from input validation errors in template_stock/whutils.js, Report_Template.asp, r...
CVE-2009-0524
CVE-2009-0524 affects Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7. The connected sources describe multiple input validation errors in template_stock/whutils.js, Report_Template.asp, redirect.asp, and SQL_Lib.asp that enable cross-site scripting via URLs crafted from RoboHelp-produced file...
CVE-2008-0642
CVE-2008-0642 describes a cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, potentially involving WebHelp5 (WebHelp5Ext) or WildFire (WildFireExt) extensions. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors and is...
CVE-2010-2886
CVE-2010-2886 affects Adobe RoboHelp 7/8 and RoboHelp Server 7/8. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Root cause is a vulnerability in how the products handle input/...
CVE-2010-2885
CVE-2010-2885 concerns an XSS vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8. The connected records specify that the vulnerability arises in the WebHelp generation process with RoboHelp for Word, enabling remote attackers to inject arbitrary web script or HTML. Affected prod...
CVE-2016-7891
Adobe RoboHelp is affected by a cross-site scripting (XSS) vulnerability (CVE-2016-7891) in versions 2015.0.3 and earlier, and RoboHelp 11 and earlier, due to input validation issues that could cause script execution in a user’s browser. An unauthenticated, remote attacker could exploit this via ...