Bulletin ID
Security update available for RoboHelp | APSB22-10
|
Date Published |
Priority |
---|---|---|
APSB22-10 |
July 12, 2022 |
3 |
Summary
Adobe has released a security update for RoboHelp. This update resolves a vulnerability rated important. Successful exploitation could lead to arbitrary code execution in the context of current user.
Affected product versions
Product |
Version |
Platform |
---|---|---|
RoboHelp |
RH2020.0.7 and earlier versions |
Windows and macOS |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
---|---|---|---|---|
RoboHelp |
RH2020.0.8 |
Windows and macOS |
3 |
Vulnerability details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVSS vector |
CVE Numbers |
---|---|---|---|---|---|
Cross-site Scripting (XSS) (CWE-79) |
Arbitrary code execution |
Important |
6.5 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
CVE-2022-23201 |
Acknowledgments
Adobe would like to thank MCKINEY,KRISTI (Agilent USA) for reporting this issue (CVE-2022-23201) and for working with Adobe to help protect our customers.