Security News > 2020 > September > Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
2020-09-08 16:52

The cross-site scripting flaws could allow attackers to execute JavaScript in targets' browsers.

Including Adobe Experience Manager, Adobe fixed 18 flaws as part of its regularly scheduled September updates.

Adobe on Sept. 15 also fixed "Important-severity" flaws in Adobe Media Encoder.

In April, Adobe plugged 11 critical security holes in Acrobat and Reader, which if exploited could allow attackers to remotely execute code or sidestep security features in the app.

Overall, as part of its regularly scheduled security updates in August, Adobe fixed critical- and important-severity flaws tied to 26 CVEs - all stemming from its popular Acrobat and Reader document-management application - as well as one important-severity CVE in Adobe Lightroom, which is its image manipulation software.


News URL

https://threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 164 60 1916 814 2133 4923