Adobe has released a security update for RoboHelp for Windows. This update resolves an important input validation vulnerability that could be used in a cross-site scripting attack (CVE-2017-3104), as well as an unvalidated URL redirect vulnerability rated moderate that could be used in phishing campaigns (CVE-2017-3105).
|RoboHelp||RH2017.0.1 and earlier versions||Windows|
|RoboHelp||RH220.127.116.110 and earlier versions||Windows|
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
|Vulnerability Category||Vulnerability Impact||Severity||CVE Numbers|
|Improper Neutralization of Input During Web Page Generation||DOM-based cross-site scripting attack||Important||CVE-2017-3104
|Improper Neutralization of Input During Web Page Generation||Open Redirect attack||Moderate||CVE-2017-3105