Stored Cross-Site Scripting Vulnerability in Adobe Connect
CVE-2024-54041
5.4MEDIUM
Summary
Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability that enables attackers to inject harmful scripts into its form fields. When a user interacts with a compromised form, malicious JavaScript can execute in their browser, potentially leading to unauthorized actions or data exposure. Both version 12.6 and 11.4.7, along with earlier releases, are at risk, requiring users to take immediate measures to secure their environments. For more detailed information on this vulnerability, please visit Adobe's official security advisory.
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published