Cross-Site Scripting Vulnerability in Adobe RoboHelp 6 and 7
CVE-2008-0642

6.1MEDIUM

Key Information:

Vendor

Adobe
Status
Robohelp
Vendor
CVE Published:
15 February 2008

What is CVE-2008-0642?

The identified vulnerability in Adobe RoboHelp versions 6 and 7 allows remote attackers to exploit cross-site scripting (XSS) weaknesses through specific extensions such as WebHelp5 (WebHelp5Ext) and WildFire (WildFireExt). By injecting arbitrary web scripts or HTML via undefined vectors, attackers can compromise the security of web pages generated by these products. This security flaw highlights the importance of applying security updates and ensuring the robustness of web applications against potential script injections.

References

http://www.adobe.com/support/security/bulletins/apsb08-05...
x_refsource_CONFIRM
http://secunia.com/advisories/28945
third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1019397
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.