CVE-2011-2133

Description

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js.

Affected products

• Adobe / RoboHelp8 – 8
• Adobe / RoboHelp9 – 9
• Adobe / RoboHelp9.0.1.232 – 9.0.1.232
• Adobe / RoboHelp Server8 – 8
• Adobe / RoboHelp Server9 – 9

References

• MISChttp://www.us-cert.gov/cas/techalerts/TA11-222A.html
• VENDOR_ADVISORYhttp://www.adobe.com/support/security/bulletins/apsb11-23.html
• MISChttp://securityreason.com/securityalert/8334