Adobe Security Bulletin

Security updates available for Adobe Campaign Standard | APSB21-52 

Bulletin ID	Date Published	Priority
APSB21-52	October 12, 2021	2

Summary

Adobe has released security updates for Adobe Campaign Standard. These updates address a critical cross-site scripting vulnerability that could result in arbitrary code execution.

Affected versions

Product	Affected version	Platform
Adobe Campaign Standard	Release 21.2.1 and earlier versions	Windows, Linux

Solution

Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:

Product	Updated version	Platform	Priority rating	Availability
Adobe Campaign Standard	21.3	Windows and Linux	2	Release Notes

Vulnerability Details

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Cross-site Scripting (DOM-based XSS) (CWE-79)	Arbitrary code execution	Critical	CVE-2021-40744
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)	Arbitrary file system read	Important	CVE-2021-40745

Revisions

October 14, 2021: Updated the solution version to 21.3.

October 28, 2021: Added details for CVE-2021-40745.

Adobe

Get help faster and easier

New user?