CVE-2024-49550

Name of the Vulnerable Software and Affected Versions: Adobe Connect versions 12.6, 11.4.7 and earlier

Description: The issue is related to a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker convinces a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. The vulnerability is associated with insufficient protection of the web page structure, which can allow a remote attacker to execute arbitrary code.

Recommendations: For Adobe Connect versions 12.6 and earlier: Update to a version that is not affected by this vulnerability. For Adobe Connect version 11.4.7 and earlier: Update to a version that is not affected by this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.