CVE-2023-22268: 
Adobe RoboHelp Server vulnerability analysis and mitigation

CVE-2023-22268 is a SQL Injection vulnerability affecting Adobe RoboHelp Server versions 11.4 and earlier. The vulnerability was discovered and disclosed on November 17, 2023, and it could lead to information disclosure when exploited by a low-privileged authenticated attacker. The vulnerability does not require user interaction for exploitation (NVD).

The vulnerability is classified as an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') with a CVSS v3.1 Base Score of 6.5 (Medium). The vulnerability has been assigned the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating network accessibility, low attack complexity, required low privileges, no user interaction, and potential for high confidentiality impact (NVD).

The successful exploitation of this vulnerability could lead to information disclosure. The CVSS scoring indicates that while the vulnerability has high potential impact on confidentiality, it does not affect system integrity or availability (NVD).

Adobe has released security updates to address this vulnerability. Users of Adobe RoboHelp Server should upgrade to a version newer than 11.4 (Adobe Advisory).