Adobe Security Bulletin: APSB08-16 - Calendar Of Updates

AdobeのRoboHelp Server 6と7に細工されたURLを送付することでクロスサイトスクリプティングが発生するそうです。

A specially crafted URL could be used to create a cross-site scripting attack against RoboHelp Server 6 and RoboHelp Server 7. An attacker would need to have access to the RoboHelp Help Errors log, or convince someone with access to the RoboHelp Help Errors log to click on a malicious URL, in order to execute the attack. RoboHelp 6 and RoboHelp 7 (non-Server releases) are not vulnerable to this issue.

screenshot