Stored Cross-Site Scripting Vulnerability in Adobe Connect
CVE-2024-54036
9.3CRITICAL
What is CVE-2024-54036?
Adobe Connect versions 12.6, 11.4.7, and earlier are susceptible to a stored Cross-Site Scripting vulnerability, allowing attackers to inject malicious scripts into form fields. When a user accesses a page with a compromised field, the attacker's JavaScript code can execute in their browser, potentially leading to session hijacking and risks to both confidentiality and integrity of user data.