CVE-2023-22268

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:robohelp_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

22 Nov 2023, 17:45

Type Values Removed Values Added
CPE cpe:2.3:a:adobe:robohelp_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
References () https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html - () https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html - Release Notes, Vendor Advisory
First Time Microsoft windows
Adobe robohelp Server
Microsoft
Adobe

17 Nov 2023, 13:58

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-17 13:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-22268

Mitre link : CVE-2023-22268

CVE.ORG link : CVE-2023-22268


JSON object : View

Products Affected

microsoft

  • windows

adobe

  • robohelp_server
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')