Page 5 of 54 results (0.012 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-11288

https://notcve.org/view.php?id=CVE-2017-11288

09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Cross-Site Scripting reflejado que podría desembocar en una divulgación de información. • http://www.securityfocus.com/bid/101838 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-11290

https://notcve.org/view.php?id=CVE-2017-11290

09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de secuestro de clicks (clickjacking o UI Redress). • http://www.securityfocus.com/bid/101838 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-11287

https://notcve.org/view.php?id=CVE-2017-11287

09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Cross-Site Scripting reflejado que podría desembocar en una divulgación de información. • http://www.securityfocus.com/bid/101838 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-11291

https://notcve.org/view.php?id=CVE-2017-11291

09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) que podría ser aprovechada para omitir los controles de acceso a la red. • http://www.securityfocus.com/bid/101838 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-3103

https://notcve.org/view.php?id=CVE-2017-3103

14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting almacenado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting (XSS) almacenado. • http://www.securityfocus.com/bid/99518 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-3101

https://notcve.org/view.php?id=CVE-2017-3101

14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de secuestro de cliqueo. Una explotación con éxito podría conllevar a un ataque de secuestro de cliqueo. • http://www.securityfocus.com/bid/99521 •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-3102

https://notcve.org/view.php?id=CVE-2017-3102

14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting reflejado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting reflejado. • http://www.securityfocus.com/bid/99517 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2016-7851 – Adobe Connect 9.5.7 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2016-7851

08 Nov 2016 — Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks. Adobe Connect versión 9.5.6 y versiones anteriores no valida adecuadamente entradas en el módulo de registro de eventos. Esta vulnerabilidad puede ser explotada en ataques de XSS. • https://www.exploit-db.com/exploits/40742 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-4118

https://notcve.org/view.php?id=CVE-2016-4118

30 May 2016 — Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. Vulnerabilidad de ruta de búsqueda no fiable en el instalador en Adobe Connect Add-In en versiones anteriores a la 11.9.976.291 en Windows permite que usuarios locales obtengan privilegios mediante vectores sin especificar. • http://www.securityfocus.com/bid/90815 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-0950

https://notcve.org/view.php?id=CVE-2016-0950

10 Feb 2016 — Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors. Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos suplantar la interfaz de usuario a través de vectores no especificados. • http://www.securitytracker.com/id/1034978 • CWE-20: Improper Input Validation CWE-254: 7PK - Security Features •