Posted by Stas Volfus on Jun 11

Advisory: Adobe Connect Reflected XSS
Author: Stas Volfus (Bugsec Information Security LTD)
Vendor URL: http://www.adobe.com/
Status: Vendor Notified

==========================
Vulnerability Description
==========================

Adobe Connect (Central) version: 9.3 is vulnerable to Reflected XSS
(Cross Site Scripting).

The attack allows execution of arbitrary JavaScript in the context…