CVE-2025-43567 – Adobe Connect Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43567

Published : May 13, 2025, 9:16 p.m. | 48 minutes ago

Description : Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.

Severity: 9.3 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…