CVE-2012-0765

Adobe RoboHelp <9 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories.

References (6)

[Vendor Advisory] http://www.adobe.com/support/security/bulletins/apsb12-04.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/73179

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/52008

[Third Party Advisory, VDB Entry] http://osvdb.org/79251

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026676

[Third Party Advisory] http://secunia.com/advisories/47936

Scores

EPSS 0.0163

EPSS Percentile 81.7%

Classification

CWE

CWE-79

Status published

Affected Products (9)

adobe/robohelp

adobe/robohelp

adobe/robohelp

adobe/robohelp

adobe/robohelp

adobe/robohelp

adobe/robohelp

adobe/robohelp

n/a/n/a

Timeline

Published Feb 15, 2012

Tracked Since Feb 18, 2026