The cross-site scripting (XSS) flaws could allow attackers to execute JavaScript in targets ... one important-severity CVE in Adobe Lightroom, which is its image manipulation software.