Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24443
Reference (s):
- https://helpx.adobe.com/security/products/connect/apsb20-69.html
- URL: https://helpx.adobe.com/security/products/connect/apsb20-69.html