VDB
CVE-2025-54256
CVE-2025-54256
PUBLISHED
CVSS 8.600000381469727 HIGH
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and scope is changed.
EPSS 0.02% · 5.7th percentile
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.02%
5.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| adobe | dreamweaver | 0 |
| Adobe | Dreamweaver Desktop | 0 |
Timeline
- Sep 9, 2025 Coalition ESS Score
- Sep 9, 2025 CVE Published
- Sep 9, 2025 PoC Published
- Sep 10, 2025 EPSS Score
- Sep 11, 2025 Coalition ESS Score
- Sep 17, 2025 EPSS Score
- Sep 25, 2025 EPSS Score
- Oct 2, 2025 EPSS Score
- Oct 4, 2025 Coalition ESS Score
- Oct 6, 2025 Coalition ESS Score
- Oct 9, 2025 EPSS Score
- Oct 17, 2025 EPSS Score