Cross-site scripting vulnerability in Adobe RoboHelp and RoboHelp Server
CVE-2009-0524

Currently unrated

Key Information:

Vendor: Adobe
Status: Robohelp Server; Robohelp
Vendor: CVE Published:; 26 February 2009

What is CVE-2009-0524?

The vulnerability allows remote attackers to exploit Adobe RoboHelp versions 6 and 7, as well as RoboHelp Server 6 and 7, by injecting arbitrary web scripts or HTML into files produced by RoboHelp. This can enable attackers to manipulate content or execute malicious scripts in the context of users' browsers, posing significant risks to web security and user data integrity.

References

http://www.vupen.com/english/advisories/2009/0512

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1021755

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/33888

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 26, 2009
Vulnerability Reserved
Feb 10, 2009