CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23201 – Adobe RoboHelp Reflected XSS could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-23201
Adobe RoboHelp versions 2020.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Adobe RoboHelp versiones 2020.0.7 (y anteriores), están afectadas por una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado. Si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, puede ejecutarse contenido JavaScript malicioso en el contexto del navegador de la víctima • https://helpx.adobe.com/security/products/robohelp/apsb22-10.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21070 – Privilege Escalation Vulnerability in Adobe RoboHelp
https://notcve.org/view.php?id=CVE-2021-21070
Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with admin permissions to write to the file system could leverage this vulnerability to escalate privileges. La versión 2020.0.3 de Adobe Robohelp (y anteriores) se ve afectada por una vulnerabilidad en el elemento de ruta de búsqueda no controlada que podría conducir a una escalada de privilegios. Un atacante con permisos de administrador para escribir en el sistema de archivos podría aprovechar esta vulnerabilidad para escalar privilegios • https://helpx.adobe.com/security/products/robohelp/apsb21-20.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-3105
https://notcve.org/view.php?id=CVE-2017-3105
Adobe RoboHelp has an Open Redirect vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2. Adobe RoboHelp tiene una vulnerabilidad de redirección abierta Esto afecta a las versiones anteriores a la versión RH12.0.4.460 y RH2017 anteriores a la RH2017.0.2. • http://www.securityfocus.com/bid/100709 http://www.securitytracker.com/id/1039319 https://helpx.adobe.com/security/products/robohelp/apsb17-25.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-3104
https://notcve.org/view.php?id=CVE-2017-3104
Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2. Adobe RoboHelp tiene una vulnerabilidad de Cross-Site Scripting (XSS). Esto afecta a las versiones anteriores a la versión RH12.0.4.460 y RH2017 anteriores a la RH2017.0.2. • http://www.securityfocus.com/bid/100707 http://www.securitytracker.com/id/1039319 https://helpx.adobe.com/security/products/robohelp/apsb17-25.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7891
https://notcve.org/view.php?id=CVE-2016-7891
Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks. Adobe RoboHelp versión 2015.0.3 y versiones anteriores, RoboHelp 11 y versiones anteriores tienen un problema de validación de entrada que puede ser utilizado en ataques de XSS. • http://www.securityfocus.com/bid/94878 http://www.securitytracker.com/id/1037456 https://helpx.adobe.com/security/products/robohelp/apsb16-46.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •