First published: Fri Nov 17 2023(Updated: )
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
|Affected Software||Affected Version||How to fix|
|Adobe RoboHelp Server||<=11.4|
CVE-2023-22275 is an SQL Injection vulnerability in Adobe RoboHelp Server that could lead to information disclosure by an unauthenticated attacker.
CVE-2023-22275 affects Adobe RoboHelp Server versions 11.4 and earlier.
The severity of CVE-2023-22275 is high with a CVSS score of 7.5.
An attacker can exploit CVE-2023-22275 by injecting malicious SQL commands to retrieve sensitive information from the server.
No, user interaction is not required to exploit CVE-2023-22275.
To fix CVE-2023-22275, update Adobe RoboHelp Server to version 11.4.1 or later.