XSS in Adobe Robohelp
CVE-2011-2133
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.030 (85.6th percentile) — read the EPSS interpretation.
Affected products
- Adobe Robohelp — versions 8, 9, 9.0.1.232
- Adobe Robohelp_server — versions 8, 9
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@adobe.com (US Government Resource, x_refsource_CERT, third-party-advisory)
- psirt@adobe.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@adobe.com (x_refsource_SREASON, third-party-advisory)