cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-54034,https://securityvulnerability.io/vulnerability/CVE-2024-54034,Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79),"Adobe Connect versions 12.6, 11.4.7, and earlier versions have a reflected Cross-Site Scripting vulnerability that allows attackers to execute malicious JavaScript within a victim's browser. This vulnerability requires the victim to visit a specially crafted URL, facilitating potential session takeover and compromising user confidentiality and integrity. The complexity of the attack is heightened as it depends on the target using a specific browser.",Adobe,Adobe Connect,9.3,CRITICAL,0.0009800000116229057,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54038,https://securityvulnerability.io/vulnerability/CVE-2024-54038,Improper Access Control in Adobe Connect,"Adobe Connect versions 12.6 and 11.4.7, as well as earlier versions, contain a vulnerability characterized by improper access control mechanisms. This flaw allows attackers to exploit the system and bypass critical security features, leading to unauthorized access without the need for user interaction. Organizations using affected versions of Adobe Connect are urged to assess their systems and apply necessary patches to mitigate potential risks associated with this vulnerability.",Adobe,Connect,4.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54032,https://securityvulnerability.io/vulnerability/CVE-2024-54032,Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79),"Adobe Connect versions 12.6, 11.4.7, and earlier are vulnerable to a stored Cross-Site Scripting (XSS) flaw. This vulnerability enables attackers to inject malicious JavaScript code into user-input form fields, potentially leading to the execution of these scripts in the browsers of users accessing the affected pages. A successful exploitation may allow attackers to carry out session hijacking and compromise user confidentiality and integrity.",Adobe,Adobe Connect,9.3,CRITICAL,0.0009800000116229057,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54037,https://securityvulnerability.io/vulnerability/CVE-2024-54037,Adobe Connect | Cross-site Scripting (DOM-based XSS) (CWE-79),"Adobe Connect versions 12.6, 11.4.7, and prior are susceptible to a DOM-based Cross-Site Scripting (XSS) vulnerability. This issue can be exploited by an attacker through the manipulation of a DOM element via a crafted URL or malicious user input, allowing the execution of arbitrary code within the victim's browser session. To successfully execute this attack, user interaction is necessary; the victim must visit a compromised link or submit data through a manipulated form. The vulnerability's exploitation hinges on the victim permitting all popups, which elevates the complexity of the attack. Attackers leveraging this vulnerability can potentially execute harmful scripts that may lead to session hijacking and compromise sensitive information.",Adobe,Adobe Connect,8.1,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54051,https://securityvulnerability.io/vulnerability/CVE-2024-54051,URL Redirection to Untrusted Site Vulnerability in Adobe Connect,"Adobe Connect versions 12.6, 11.4.7, and earlier are susceptible to an Open Redirect vulnerability. This flaw allows an attacker to redirect users to potentially harmful websites by manipulating URL requests. Exploiting this vulnerability necessitates user interaction, making it crucial for users to be vigilant while accessing links in communications related to Adobe Connect.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54050,https://securityvulnerability.io/vulnerability/CVE-2024-54050,URL Redirection Vulnerability in Adobe Connect Software,"Adobe Connect versions, including 12.6 and 11.4.7, contain a vulnerability that allows for URL redirection to untrusted sites. Attackers can exploit this issue to redirect users to malicious websites, potentially leading to further security risks. Successful exploitation of this vulnerability necessitates user interaction, emphasizing the importance of user awareness and caution when engaging with links within the application.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49550,https://securityvulnerability.io/vulnerability/CVE-2024-49550,Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79),"Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.",Adobe,Adobe Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54042,https://securityvulnerability.io/vulnerability/CVE-2024-54042,Reflected XSS Vulnerability in Adobe Connect by Adobe,"Adobe Connect is susceptible to a reflected Cross-Site Scripting (XSS) vulnerability affecting versions 12.6, 11.4.7, and earlier. This vulnerability allows unauthenticated attackers to exploit it by persuading victims to access a specific URL linked to a compromised page. If successful, malicious JavaScript can be executed within the victim's browser context, potentially leading to unauthorized actions or data exposure.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54045,https://securityvulnerability.io/vulnerability/CVE-2024-54045,Reflected XSS Vulnerability in Adobe Connect Affecting Multiple Versions,"A reflected Cross-Site Scripting (XSS) vulnerability exists in Adobe Connect versions 12.6 and 11.4.7 and earlier. An unauthenticated attacker could exploit this vulnerability by persuading a victim to click a malicious link that references a vulnerable page. Upon accessing this link, arbitrary JavaScript code may be executed within the victim's browser, potentially leading to unauthorized actions or information disclosure.",Adobe,Adobe Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54036,https://securityvulnerability.io/vulnerability/CVE-2024-54036,Stored Cross-Site Scripting Vulnerability in Adobe Connect,"Adobe Connect versions 12.6, 11.4.7, and earlier are susceptible to a stored Cross-Site Scripting vulnerability, allowing attackers to inject malicious scripts into form fields. When a user accesses a page with a compromised field, the attacker's JavaScript code can execute in their browser, potentially leading to session hijacking and risks to both confidentiality and integrity of user data.",Adobe,Connect,9.3,CRITICAL,0.0009800000116229057,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54040,https://securityvulnerability.io/vulnerability/CVE-2024-54040,Stored Cross-Site Scripting Vulnerability in Adobe Connect,"Adobe Connect versions 12.6, 11.4.7, and earlier are susceptible to a stored Cross-Site Scripting (XSS) vulnerability that allows attackers to embed malicious scripts in exposed form fields. This flaw can lead to execution of harmful JavaScript in a victim's browser when the targeted page with the compromised field is accessed, potentially facilitating further attacks or data loss.",Adobe,Connect,5.4,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54046,https://securityvulnerability.io/vulnerability/CVE-2024-54046,Reflected XSS Vulnerability in Adobe Connect Products,"A reflected Cross-Site Scripting (XSS) vulnerability exists in Adobe Connect, specifically in versions 12.6, 11.4.7, and earlier. This vulnerability could allow an unauthenticated attacker to execute malicious JavaScript in the context of a user's browser by persuading them to click on a specially crafted URL that targets a vulnerable page. This can lead to unauthorized access to sensitive information or compromised user sessions, putting users and their data at risk.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54043,https://securityvulnerability.io/vulnerability/CVE-2024-54043,Reflected Cross-Site Scripting Vulnerability in Adobe Connect,Adobe Connect versions 12.6 and 11.4.7 and earlier have a reflected Cross-Site Scripting vulnerability that permits an unauthenticated attacker to execute malicious JavaScript in the context of a victim's browser if the victim is tricked into visiting a specially crafted URL. This issue highlights the importance of user awareness and proper security measures when clicking on links.,Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54049,https://securityvulnerability.io/vulnerability/CVE-2024-54049,Reflected XSS Vulnerability in Adobe Connect Products,"Adobe Connect versions 12.6, 11.4.7, and earlier versions are exposed to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to execute malicious JavaScript code within the victim's browser if the victim is tricked into clicking on a specially crafted URL that references a vulnerable page. Users are advised to be cautious and ensure that they are using the most recent updates to mitigate risks associated with this vulnerability.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54048,https://securityvulnerability.io/vulnerability/CVE-2024-54048,Reflected Cross-Site Scripting Vulnerability in Adobe Connect,"Adobe Connect versions 12.6, 11.4.7, and earlier are susceptible to a reflected Cross-Site Scripting vulnerability. An unauthenticated attacker can exploit this issue by luring a victim to a specially crafted URL associated with a vulnerable page. When the victim accesses this URL, it can execute malicious JavaScript within the victim's browser, potentially leading to unauthorized access or data compromise. This vulnerability highlights the need for robust input validation and user awareness to prevent exploitation.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54044,https://securityvulnerability.io/vulnerability/CVE-2024-54044,Reflected Cross-Site Scripting Vulnerability in Adobe Connect,"Adobe Connect is vulnerable to a reflected Cross-Site Scripting (XSS) flaw that may allow unauthenticated attackers to execute malicious JavaScript within the victim's browser by persuading them to access a specially crafted URL. This vulnerability affects versions 12.6, 11.4.7, and earlier releases, emphasizing the need for users to ensure they are running the latest, secure version of the software to safeguard their systems against possible exploits.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54047,https://securityvulnerability.io/vulnerability/CVE-2024-54047,Reflected XSS Vulnerability in Adobe Connect,"Adobe Connect, a popular online meeting and collaboration platform, is susceptible to a reflected Cross-Site Scripting (XSS) vulnerability in versions 12.6 and 11.4.7 and earlier. This vulnerability allows an unauthenticated attacker to exploit a vulnerable page by tricking the user into clicking a specially crafted URL. If successful, the malicious JavaScript executed in the user's browser could lead to unauthorized actions, data breaches, or other security issues. Users of affected versions should apply available updates and implement necessary security measures to mitigate risk.",Adobe,Connect,6.1,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54041,https://securityvulnerability.io/vulnerability/CVE-2024-54041,Stored Cross-Site Scripting Vulnerability in Adobe Connect,"Adobe Connect is affected by a stored Cross-Site Scripting (XSS) vulnerability that enables attackers to inject harmful scripts into its form fields. When a user interacts with a compromised form, malicious JavaScript can execute in their browser, potentially leading to unauthorized actions or data exposure. Both version 12.6 and 11.4.7, along with earlier releases, are at risk, requiring users to take immediate measures to secure their environments. For more detailed information on this vulnerability, please visit Adobe's official security advisory.",Adobe,Connect,5.4,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-54039,https://securityvulnerability.io/vulnerability/CVE-2024-54039,Stored Cross-Site Scripting Vulnerability in Adobe Connect,"Adobe Connect versions 12.6, 11.4.7, and earlier are susceptible to a stored Cross-Site Scripting (XSS) vulnerability. This flaw allows attackers to inject malicious scripts into form fields, which may result in the execution of harmful JavaScript in the browser of unsuspecting users when they access the compromised page. The exploitation of this vulnerability poses significant security risks, as it enables attackers to manipulate content, steal sensitive information, or perform actions on behalf of users.",Adobe,Connect,5.4,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2023-29305,https://securityvulnerability.io/vulnerability/CVE-2023-29305,Adobe Connect Reflected Cross-Site Scripting (XSS) Arbitrary code execution,"Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.",Adobe,Adobe Connect,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-09-13T09:15:00.000Z,0
CVE-2023-29306,https://securityvulnerability.io/vulnerability/CVE-2023-29306,Adobe Connect Reflected Cross-Site Scripting (XSS) Arbitrary code execution,"Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.",Adobe,Adobe Connect,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-09-13T09:15:00.000Z,0
CVE-2023-22232,https://securityvulnerability.io/vulnerability/CVE-2023-22232,Adobe Connect Improper Access Control Security feature bypass,"Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.",Adobe,Connect,5.3,MEDIUM,0.029570000246167183,false,,false,false,false,,,false,false,,2023-02-17T00:00:00.000Z,0
CVE-2021-40719,https://securityvulnerability.io/vulnerability/CVE-2021-40719,Adobe Connect Deserialization of Untrusted Data Remote Code Execution,Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server.,Adobe,Connect,9.8,CRITICAL,0.0064500002190470695,false,,false,false,false,,,false,false,,2021-10-21T20:15:00.000Z,0
CVE-2021-40721,https://securityvulnerability.io/vulnerability/CVE-2021-40721,Adobe Connect Reflected Cross Site Scripting,"Adobe Connect version 11.2.3 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.",Adobe,Connect,6.1,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2021-10-15T15:15:00.000Z,0
CVE-2021-36061,https://securityvulnerability.io/vulnerability/CVE-2021-36061,Adobe Connect Violation of Secure Design Principles Vulnerability Can Lead To Editing Or Deleting Recordings,Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user interaction in that a victim must publish a link of a Connect recording.,Adobe,Connect,5.4,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2021-09-01T15:15:00.000Z,0