Adobe Security Bulletin

Release date: November 8, 2016

Vulnerability identifier: APSB16-35

Priority: 3

CVE number: CVE-2016-7851

Platform: Windows

Adobe has released a security update for Adobe Connect for Windows. This update resolves an input validation vulnerability in the events registration module that could be used in cross-site scripting attacks. Adobe recommends users update their product installation using the instructions provided in the “Solution” Section below.

Product	Affected Versions	Platform
Adobe Connect	9.5.6 and earlier versions	Windows

Adobe recommends customers update the Connect instance to the newest version by following the instructions below.

Note: This issue will be automatically resolved for Connect customers using Adobe's hosted services once the account is upgraded to Connect 9.5.7.

Product	Updated Version	Platform	Priority rating	Availability
Adobe Connect	9.5.7	Windows	3	Release notes

This update resolves an input validation vulnerability in the events registration module that could be used in cross-site scripting attacks (CVE-2016-7851).

Adobe would like to thank Benjamin Kunz Mejri of Vulnerability Laboratory [Research Team] for reporting this issue (CVE-2016-7851) and for working with Adobe to help protect our customers.

Adobe Security Bulletin

Security update available for Adobe Connect

Summary

Affected Versions

Solution

Vulnerability Details

Acknowledgments

Ask the Community

Contact Us