CVE-2017-11290UI Misrepresentation / Clickjacking in Adobe Connect

CWE-1021UI Misrepresentation / Clickjacking3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.4%
top 36.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Connect
Timeline
PublishedDec 9
Latest updateMay 13

Description

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

NVDadobe/connect9.6.2

🔴Vulnerability Details

2
GHSA
GHSA-4j3g-q7rf-xpg7: An issue was discovered in Adobe Connect 92022-05-13
CVEList
CVE-2017-11290: An issue was discovered in Adobe Connect 92017-12-09
CVE-2017-11290 — UI Misrepresentation / Clickjacking | cvebase