Adobe: >> Connect >> 9.4.1 Security Vulnerabilities
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.07
Published
2016-11-08
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.009
Published
2016-05-30
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.018
Published
2016-02-10
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.
CVSS Score
9.8
EPSS Score
0.044
Published
2016-02-10
Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
8.8
EPSS Score
0.019
Published
2016-02-10
Page 7