Cross-Site Scripting Vulnerability in Adobe RoboHelp Server
CVE-2008-2991

Currently unrated

Key Information:

Vendor: Adobe
Status: Robohelp Server
Vendor: CVE Published:; 9 July 2008

Summary

The vulnerability in Adobe RoboHelp Server 6 and 7 enables remote attackers to exploit cross-site scripting flaws by injecting arbitrary web scripts or HTML through specific vectors associated with the Help Errors log. This could lead to unauthorized actions performed on behalf of users visiting affected pages, potentially exposing sensitive information or allowing further attacks.

References

http://www.securityfocus.com/bid/30137

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/2026/references

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/31001

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 9, 2008
Vulnerability Reserved
Jul 2, 2008