CVE-2010-2885

Adobe RoboHelp <8 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allows remote attackers to inject arbitrary web script or HTML via vectors related to WebHelp generation with RoboHelp for Word.

References (4)

[Vendor Advisory] http://secunia.com/advisories/41870

[Patch] http://securitytracker.com/id?1024611

[Patch, Vendor Advisory] http://www.adobe.com/support/security/bulletins/apsb10-23.html

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/2718

Scores

EPSS 0.0062

EPSS Percentile 69.8%

Classification

CWE

CWE-79

Status published

Affected Products (5)

adobe/robohelp

adobe/robohelp_server

n/a/n/a

Timeline

Published Oct 26, 2010

Tracked Since Feb 18, 2026