Vulnerabilities > Adobe > Connect > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-09 | CVE-2017-11288 | Cross-site Scripting vulnerability in Adobe Connect An issue was discovered in Adobe Connect 9.6.2 and earlier versions. | 4.3 |
2017-12-09 | CVE-2017-11287 | Cross-site Scripting vulnerability in Adobe Connect An issue was discovered in Adobe Connect 9.6.2 and earlier versions. | 4.3 |
2017-07-17 | CVE-2017-3103 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. | 4.3 |
2017-07-17 | CVE-2017-3102 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. | 4.3 |
2017-07-17 | CVE-2017-3101 | Unspecified vulnerability in Adobe Connect Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. | 5.0 |
2016-11-08 | CVE-2016-7851 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. | 4.3 |
2016-02-10 | CVE-2016-0950 | Improper Input Validation vulnerability in Adobe Connect Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors. | 5.0 |
2016-02-10 | CVE-2016-0948 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Connect Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2015-06-13 | CVE-2015-0344 | Cross-site Scripting vulnerability in Adobe Connect Cross-site scripting (XSS) vulnerability in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-06-13 | CVE-2015-0343 | Cross-site Scripting vulnerability in Adobe Connect Cross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |