CVE-2008-2991

MEDIUM

Adobe Robohelp Server - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log.

References (5)

[Exploit] http://securitytracker.com/id?1020442

[Exploit] http://www.adobe.com/support/security/bulletins/apsb08-16.html

[Exploit] http://www.securityfocus.com/bid/30137

[Third Party Advisory] http://secunia.com/advisories/31001

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2026/references

Scores

CVSS v3 6.1

EPSS 0.0300

EPSS Percentile 86.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-79

Status draft

Affected Products (2)

adobe/robohelp_server

Timeline

Published Jul 09, 2008

Tracked Since Feb 18, 2026