Lucene search

PRIOn knowledge basePRION:CVE-2023-48528

HistoryDec 15, 2023 - 11:15 a.m.

Cross site scripting

2023-12-1511:15:00

PRIOn knowledge base

www.prio-n.com

adobe experience manager

cross-site scripting

dom-based xss

vulnerability

low-privileged attacker

javascript

browser context

6.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.6%

JSON

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.

CPENameOperatorVersion
experience_managerle6.5.18.0
experience_manager_cloud_servicelt2023.11

CPE	Name	Operator	Version
	experience_manager	le	6.5.18.0
	experience_manager_cloud_service	lt	2023.11

References

helpx.adobe.com/security/products/experience-manager/apsb23-72.html