CVE-2023-22274

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:robohelp_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

22 Nov 2023, 17:44

Type Values Removed Values Added
First Time Microsoft windows
Adobe robohelp Server
Microsoft
Adobe
CPE cpe:2.3:a:adobe:robohelp_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
References () https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html - () https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html - Release Notes, Vendor Advisory

17 Nov 2023, 13:58

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-17 13:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-22274

Mitre link : CVE-2023-22274

CVE.ORG link : CVE-2023-22274


JSON object : View

Products Affected

microsoft

  • windows

adobe

  • robohelp_server
CWE
CWE-611

Improper Restriction of XML External Entity Reference