CVE-2023-29306

Name of the Vulnerable Software and Affected Versions Adobe Connect versions 12.3 and earlier

Description The issue is related to a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker can convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. This vulnerability is associated with the failure to protect the structure of web pages, which can allow a remote attacker to conduct an XSS attack.

Recommendations For Adobe Connect versions 12.3 and earlier, update to a version later than 12.3 to resolve the issue. As a temporary workaround, consider restricting access to vulnerable pages until a patch is available. Avoid convincing victims to visit URLs referencing vulnerable pages to minimize the risk of exploitation.