CVE-2023-22268

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction.

Published: Nov 17, 2023
Updated: Dec 1, 2023
CVE: CVE-2023-22268
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
adobe / robohelp_server	-	11.4.x

https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html

Vulnerability Database

290,206

CVE-2023-22268