URL Redirection Vulnerability in Adobe Connect Software
CVE-2024-54050

6.1MEDIUM

Key Information:

Vendor: Adobe
Status: Connect
Vendor: CVE Published:; 10 December 2024

Summary

Adobe Connect versions, including 12.6 and 11.4.7, contain a vulnerability that allows for URL redirection to untrusted sites. Attackers can exploit this issue to redirect users to malicious websites, potentially leading to further security risks. Successful exploitation of this vulnerability necessitates user interaction, emphasizing the importance of user awareness and caution when engaging with links within the application.

References

https://helpx.adobe.com/security/products/connect/apsb24-...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 10, 2024