CVE-2025-54256
published 2025-09-09CVE-2025-54256: Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution…
high8.6CVSS 3.1
AVLACLPRNUIRSCCHIHAH
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and scope is changed.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | dreamweaver | < 21.6 | 21.6 |
| adobe | dreamweaver_desktop | <= 21.5 | — |