CVE-2025-54196
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-14
Last updated on: 2026-04-28
Assigner: Adobe Systems Incorporated
Description
Description
Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction in that a victim must click on a crafted link.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| adobe | connect | to 12.10 (exc) |
| apple | macos | * |
| microsoft | windows | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Open Redirect issue in Adobe Connect versions 12.9 and earlier. It allows an attacker to craft a URL that, when clicked by a user, redirects the user to a malicious website. The attack requires the victim to interact by clicking the crafted link.
How can this vulnerability impact me? :
The vulnerability can impact you by potentially redirecting you to malicious websites if you click on a crafted link. This could lead to phishing attacks or exposure to harmful content, although exploitation requires user interaction.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70