Robohelp
CVE-2012-0765
MEDIUM
Severity by source
AV:N/AC:M/Au:N/C:N/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:M/Au:N/C:N/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories.
AnalysisAI
Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories. Affected products include: Adobe Robohelp.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruptio
Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via
Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that coul
Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is r
Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used i
Adobe RoboHelp has an Open Redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely expl
Adobe RoboHelp versions 2020.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rate
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today