CVE-2014-0562Cross-site Scripting in Adobe Acrobat

CWE-79Cross-site Scripting2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 31.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedSep 17
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDadobe/acrobat_reader25 versions+24
NVDadobe/acrobat25 versions+24

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

1
GHSA
GHSA-cpmp-65fw-xpw9: Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 102022-05-17
CVE-2014-0562 — Cross-site Scripting in Adobe Acrobat | cvebase