CVE-2025-49552 is a DOM-based Cross-Site Scripting (XSS) vulnerability identified in Adobe Connect versions 12.9 and earlier. This vulnerability arises from improper handling of user-controllable input within the Document Object Model (DOM), allowing an attacker with high privileges on the Adobe Connect platform to craft malicious web pages that, when visited by a victim, execute arbitrary scripts in the victim’s browser context. The attack requires the victim to interact by navigating to a maliciously crafted URL or page. The vulnerability enables session hijacking and potentially other malicious actions that compromise the confidentiality and integrity of user sessions and data. The scope of the vulnerability is changed, meaning the impact extends beyond the vulnerable component to affect other system components or user data. The CVSS 3.1 base score of 7.3 reflects a network attack vector (remote), high attack complexity, required high privileges, required user interaction, and a changed scope with high confidentiality and integrity impacts but no availability impact. No patches or known exploits are currently available, but the vulnerability poses a significant risk given Adobe Connect’s widespread use in enterprise collaboration and remote work environments.

The vulnerability could allow attackers to hijack user sessions, leading to unauthorized access to sensitive information and manipulation of user data within Adobe Connect environments. This compromises confidentiality and integrity, potentially exposing corporate communications, meeting content, and user credentials. The attack requires user interaction and elevated privileges, limiting exploitation to insider threats or compromised accounts with high permissions. However, successful exploitation could facilitate lateral movement within networks, data exfiltration, and disruption of trust in collaboration platforms. Organizations relying heavily on Adobe Connect for remote meetings, training, and webinars face increased risk of targeted attacks, especially in sectors with sensitive or regulated data. The lack of availability impact reduces the risk of denial-of-service, but the confidentiality and integrity risks remain significant.

Organizations should monitor Adobe’s advisories closely and apply patches or updates as soon as they become available. In the absence of patches, administrators should restrict high-privilege account access and enforce the principle of least privilege to minimize the number of users who can exploit this vulnerability. Implement Content Security Policy (CSP) headers to limit the execution of unauthorized scripts in browsers. Conduct user awareness training to reduce the likelihood of users clicking on suspicious links or navigating to untrusted pages. Employ web application firewalls (WAFs) with rules designed to detect and block DOM-based XSS payloads. Regularly audit and sanitize all user inputs and outputs within Adobe Connect customizations or integrations. Network segmentation and monitoring for unusual activity related to Adobe Connect sessions can help detect exploitation attempts early.