Advanced Page Visit Counter – Advanced WordPress Visit Counter Security Vulnerabilities

CVE-2024-20769 AMS XSS - /libs/cq/gui/components/projects/admin/translation/customsearch/assettype/clientlibs/assettype/js/assettype.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-20769 AMS XSS - /libs/cq/gui/components/projects/admin/translation/customsearch/assettype/clientlibs/assettype/js/assettype.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36157 AMS XSS - /libs/granite/ui/components/shell/clientlibs/shell/js/badge.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36157 AMS XSS - /libs/granite/ui/components/shell/clientlibs/shell/js/badge.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26082 Stored XSS in `libs/cq/gui/components/common/admin/managepublication/clientlibs/managepublication/js/managepublication.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-34120 AMS XSS - /libs/cq/searchpromote/components/linklist/facetcontent.jsp (retest of 1914167 - not fixed)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-34120 AMS XSS - /libs/cq/searchpromote/components/linklist/facetcontent.jsp (retest of 1914167 - not fixed)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26082 Stored XSS in `libs/cq/gui/components/common/admin/managepublication/clientlibs/managepublication/js/managepublication.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26088 AMS XSS - /libs/dam/cfm/admin/clientlibs/adminpage/actions/js/managepublication.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36211 AMS XSS - /libs/foundation/components/parbase/scaffolding.jsp (bypass for report 2134793)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the.....

CVE-2024-36211 AMS XSS - /libs/foundation/components/parbase/scaffolding.jsp (bypass for report 2134793)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the.....

CVE-2024-36225 AMS XSS - /libs/dam/gui/components/admin/commons/redirecttopreviouspage/clientlibs/redirecttopreviouspage/js/redirecttopreviouspage.js (js)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36225 AMS XSS - /libs/dam/gui/components/admin/commons/redirecttopreviouspage/clientlibs/redirecttopreviouspage/js/redirecttopreviouspage.js (js)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26110 Cloud Services - /libs/cq/contexthub/components/new-segment/clientlib/wizard.new-segment.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26110 Cloud Services - /libs/cq/contexthub/components/new-segment/clientlib/wizard.new-segment.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36206 AMS XSS - /libs/clientlibs/social/hbs/moderationfoundation/moderationfoundation.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

CVE-2024-36153 AMS XSS - /libs/cq/personalization/touch-ui/clientlibs/audiences/newFolder.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36206 AMS XSS - /libs/clientlibs/social/hbs/moderationfoundation/moderationfoundation.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

CVE-2024-36153 AMS XSS - /libs/cq/personalization/touch-ui/clientlibs/audiences/newFolder.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36160 AMS XSS - /libs/fd/af/authoring/clientlibs/guideCommonAuthoring/js/GuidePanelEdit.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36160 AMS XSS - /libs/fd/af/authoring/clientlibs/guideCommonAuthoring/js/GuidePanelEdit.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26075 Stored XSS in `libs/dam/cfm/admin/clientlibs/v2/authoring/contenteditor/unique.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26075 Stored XSS in `libs/dam/cfm/admin/clientlibs/v2/authoring/contenteditor/unique.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26074 Stored XSS in `libs/dam/cfm/models/editor/components/fragmentreference/clientlibs/modeleditor/js/defaultValue.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36144 AMS XSS - /libs/cq/searchpromote/components/sorting/sorting.jsp (retest of 2001313 - not fixed)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26074 Stored XSS in `libs/dam/cfm/models/editor/components/fragmentreference/clientlibs/modeleditor/js/defaultValue.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26111 AMS XSS - /libs/fd/af/components/guideradiobutton (retest of 2088443 - new issue)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

CVE-2024-26111 AMS XSS - /libs/fd/af/components/guideradiobutton (retest of 2088443 - new issue)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

CVE-2024-36173 AMS XSS - /libs/dam/gui/components/s7dam/videoreport/clientlibs/videosummaryreport/js/summaryreport.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36173 AMS XSS - /libs/dam/gui/components/s7dam/videoreport/clientlibs/videosummaryreport/js/summaryreport.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26060 AMS XSS - /libs/cq/inbox/gui/components/inbox/table/table.jsp (include)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26060 AMS XSS - /libs/cq/inbox/gui/components/inbox/table/table.jsp (include)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26083 Stored XSS in `libs/granite/ui/components/foundation/clientlibs/foundation/js/admin/propertiesactivator.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-26083 Stored XSS in `libs/granite/ui/components/foundation/clientlibs/foundation/js/admin/propertiesactivator.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36165 AMS XSS - /libs/cq/workflow/admin/console/components/clientlibs/js/dialogs/model.create.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36165 AMS XSS - /libs/cq/workflow/admin/console/components/clientlibs/js/dialogs/model.create.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36186 Stored XSS in `libs/granite/contexthub/cloudsettings/components/clientlibs/js/wizard.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36186 Stored XSS in `libs/granite/contexthub/cloudsettings/components/clientlibs/js/wizard.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36204 AMS XSS - /libs/dam/gui/coral/components/admin/folderschemaforms/clientlibs/folderschemaforms/js/formdetails.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36204 AMS XSS - /libs/dam/gui/coral/components/admin/folderschemaforms/clientlibs/folderschemaforms/js/formdetails.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36215 AMS XSS - /libs/granite/operations/clientlibs/maintenance/js/maintenance-tasks.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36215 AMS XSS - /libs/granite/operations/clientlibs/maintenance/js/maintenance-tasks.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36217 AMS XSS - /libs/granite/oauth/clientlibs/oauth/js/oauth.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36217 AMS XSS - /libs/granite/oauth/clientlibs/oauth/js/oauth.js (JS)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36147 AMS XSS - /libs/cq/experience-fragments/components/xfconfigpathbrowser/clientlib/clientlib.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36196 Stored XSS in `libs/dam/components/scene7/dynamicmedia/clientlibs/dynamicmedia/js/init.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36147 AMS XSS - /libs/cq/experience-fragments/components/xfconfigpathbrowser/clientlib/clientlib.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36196 Stored XSS in `libs/dam/components/scene7/dynamicmedia/clientlibs/dynamicmedia/js/init.js`

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36154 AMS XSS - /libs/social/enablement/components/clientlibs/assetselector/assetselector.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

CVE-2024-36154 AMS XSS - /libs/social/enablement/components/clientlibs/assetselector/assetselector.js

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...