CVE-2011-2133

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js.

Published: Aug 12, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-2133
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
adobe / robohelp	8	8.x
adobe / robohelp	9	9.x
adobe / robohelp	9.0.1.232	9.0.1.232.x
adobe / robohelp_server	9	9.x
adobe / robohelp_server	8	8.x

http://securityreason.com/securityalert/8334
http://www.adobe.com/support/security/bulletins/apsb11-23.html
http://www.us-cert.gov/cas/techalerts/TA11-222A.html

Vulnerability Database

290,206

CVE-2011-2133