Lucene search

PRIOn knowledge basePRION:CVE-2022-42348

HistoryDec 19, 2022 - 8:15 p.m.

Cross site scripting

2022-12-1920:15:00

PRIOn knowledge base

www.prio-n.com

cross site scripting

reflected xss

adobe experience manager

version 6.5.14

security vulnerability

low-privileged attacker

malicious javascript

nvd

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.3%

JSON

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.

CPENameOperatorVersion
experience_managerlt6.5.15.0
experience_manager_cloud_servicelt2022.10.0

CPE	Name	Operator	Version
	experience_manager	lt	6.5.15.0
	experience_manager_cloud_service	lt	2022.10.0

References

helpx.adobe.com/security/products/experience-manager/apsb22-59.html