CVE-2024-54034
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-54034 is a newly disclosed Cross-Site Scripting (XSS) vulnerability affecting Adobe Connect versions 12.6 and 11.4.7, as well as earlier releases. This issue grants attackers the ability to execute malicious JavaScript code within a victim's web browser if they can trick the victim into visiting a specially crafted URL associated with a vulnerable page. Successful exploitation could lead to data theft, unauthorized account access, or other malicious activities. Users are strongly advised to update their Adobe Connect installations as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Connect
Affected Vendors
- Adobe