Vulnerability in Adobe Robohelp
CVE-2007-1280
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibl…
EPSS: 0.056 (91.9th percentile) — read the EPSS interpretation.
Affected products
- Adobe Robohelp — versions 6, x5
- Adobe Robohelp_server — versions 6
- Microsoft All_windows
- N/a — versions n/a
References
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_MISC)