CVE-2026-27246

Name of the Vulnerable Software and Affected Versions Adobe Connect versions 2025.3 and 12.10 and earlier

Description A DOM-based Cross-Site Scripting (XSS) issue exists where an attacker can manipulate the Document Object Model (DOM) environment to execute malicious JavaScript in the victim's browser. This requires the victim to visit a specially crafted webpage. This can lead to full session hijacking across enterprise video conferences.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.