First published: Fri Nov 17 2023(Updated: )
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction.
|Affected Software||Affected Version||How to fix|
|Adobe RoboHelp Server||<=11.4|
The vulnerability ID for this Adobe RoboHelp Server vulnerability is CVE-2023-22268.
The title of this vulnerability is ZDI-CAN-21308: Adobe RoboHelp Server getRHSGroupsForRoles SQL Injection Information Disclosure Vulnerability.
Adobe RoboHelp Server versions 11.4 and earlier are affected by this vulnerability.
The severity of CVE-2023-22268 is medium with a CVSS score of 6.5.
An attacker can exploit this vulnerability by injecting malicious SQL commands to disclose sensitive information.