High severity8.6NVD Advisory· Published Sep 9, 2025· Updated Jun 17, 2026
CVE-2025-54256
CVE-2025-54256
Description
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and scope is changed.
Affected products
2- Range: <=21.5
- Range: 0
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/dreamweaver/apsb25-91.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.