Cross-Site Scripting Vulnerability in Adobe RoboHelp 6 and 7
CVE-2008-0642

Currently unrated

Key Information:

Vendor: Adobe
Status: Robohelp
Vendor: CVE Published:; 15 February 2008

Summary

The identified vulnerability in Adobe RoboHelp versions 6 and 7 allows remote attackers to exploit cross-site scripting (XSS) weaknesses through specific extensions such as WebHelp5 (WebHelp5Ext) and WildFire (WildFireExt). By injecting arbitrary web scripts or HTML via undefined vectors, attackers can compromise the security of web pages generated by these products. This security flaw highlights the importance of applying security updates and ensuring the robustness of web applications against potential script injections.

References

http://www.adobe.com/support/security/bulletins/apsb08-05...

x_refsource_CONFIRM

http://secunia.com/advisories/28945

third-party-advisoryx_refsource_SECUNIA

http://securitytracker.com/id?1019397

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 15, 2008
Vulnerability Reserved
Feb 7, 2008