CVE-2021-21080: Adobe Connect Reflected Cross-site Scripting via query parameter
First published: Fri Mar 12 2021(Updated: )
Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious JavaScript content that may be executed within the context of the victim's browser when they browse to the page containing the vulnerable field.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Connect | <=11.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Adobe Connect vulnerability?
The vulnerability ID for this Adobe Connect vulnerability is CVE-2021-21080.
What is the severity of CVE-2021-21080?
CVE-2021-21080 has a severity level of medium with a CVSS score of 6.1.
How does CVE-2021-21080 affect Adobe Connect?
CVE-2021-21080 affects Adobe Connect versions 11.0.7 and earlier.
What is the impact of CVE-2021-21080?
CVE-2021-21080 allows an attacker to inject malicious JavaScript content that can be executed within the victim's browser.
Is there a fix available for CVE-2021-21080?
Yes, Adobe has released a security update to address the vulnerability. It is recommended to update to the latest version of Adobe Connect.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/adobe
- canonical/adobe connect
- version/adobe connect/11.0.7