Adobe Campaign Classic is a marketing software for campaign management and automation. Originally from a company called Neolane, it was bought by Adobe in 2013. The on-premise version of the software features client-supplied JavaScript execution that runs server-side.
We study this authenticated attack surface and present bugs that result in access-control bypass that were found using 1337 techniques like reading the documentation and trying stuff. These bugs were reported to Adobe and will be part of their November release.