Adobe: >> Connect >> 9.4.2 Security Vulnerabilities
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.065
Published
2016-11-08
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.006
Published
2016-05-30
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.007
Published
2016-02-10
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.
CVSS Score
9.8
EPSS Score
0.024
Published
2016-02-10
Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2016-02-10
Page 6