header-logo
Suggest Exploit
vendor:
RoboHelp 9
by:
Security-Assessment.com
8.8
CVSS
HIGH
DOM Cross Site Scripting
79
CWE
Product Name: RoboHelp 9
Affected Version From: RoboHelp 9
Affected Version To: RoboHelp 9
Patch Exists: Yes
Related CWE: CVE-2011-2133
CPE: a:adobe:robohelp:9
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2011

Adobe RoboHelp9 DOM Cross Site Scripting

Adobe RoboHelp 9 is vulnerable to DOM Cross Site Scripting (XSS) attacks. This vulnerability is due to insufficient input validation of user-supplied data. An attacker can exploit this vulnerability by enticing an unsuspecting user to click on a malicious link. This can result in the execution of arbitrary HTML and script code in the context of the affected user’s browser.

Mitigation:

Adobe has released a patch to address this vulnerability. Users are advised to apply the patch as soon as possible.
Source

Exploit-DB raw data:

Details for the CVE - 2011-2133 - Adobe RoboHelp9 DOM Cross Site
Scripting below have been published at the following URLs:

PDF version:
http://www.security-assessment.com/files/documents/advisory/Adobe_RoboHelp_9_-_DOM_XSS.pdf

HTML version:
http://malerisch.net/docs/advisories/adobe_robohelp_dom_cross_site_scripting_xss.html

For reference, original vendor advisory:
http://www.adobe.com/support/security/bulletins/apsb11-23.html

Mirror: http://www.exploit-db.com/docs/17653.pdf

Navigation

Suggest Exploit

Services By CQR