CVE-2021-40721

Name of the Vulnerable Software and Affected Versions Adobe Connect versions 11.2.3 and earlier

Description A reflected Cross-Site Scripting (XSS) issue allows malicious JavaScript content to be executed within the context of a victim's browser if they visit a URL referencing a vulnerable page. This can happen when an attacker convinces a victim to visit such a URL.

Recommendations For Adobe Connect versions 11.2.3 and earlier, update to a version later than 11.2.3 to resolve the issue. As a temporary workaround, consider restricting access to vulnerable pages until a patch is available. Avoid using URLs that reference vulnerable pages in Adobe Connect until the issue is resolved.