Reflected Cross-Site Scripting Vulnerability in Adobe Connect
CVE-2017-11287

6.1MEDIUM

Key Information:

Vendor
Adobe
Status
Adobe Connect 9.6.2 And Earlier Versions
Vendor
CVE Published:
9 December 2017

Summary

A reflected cross-site scripting vulnerability was identified in Adobe Connect 9.6.2 and prior versions that may allow attackers to submit malicious requests to unsuspecting users. This can potentially lead to unauthorized information disclosure, making the web application vulnerable to various attacks that exploit user sessions and data.

Affected Version(s)

Adobe Connect 9.6.2 and earlier Adobe Connect 9.6.2 and earlier versions

References

https://helpx.adobe.com/security/products/connect/apsb17-...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039799
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/101838
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.