CVE-2022-24746

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions it is possible to inject code via the voucher code form. This issue has been patched in version 6.4.8.1. There are no known workarounds for this issue...

Code injection

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions it is possible to inject code via the voucher code form. This issue has been patched in version 6.4.8.1. There are no known workarounds for this issue...

CVE-2022-24746 HTML injection possibility in voucher code form

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions it is possible to inject code via the voucher code form. This issue has been patched in version 6.4.8.1. There are no known workarounds for this issue...

CVE-2020-9738

AEM versions 6.5.5.0 and below, 6.4.8.1 and below, 6.3.3.8 and below and 6.2 SP1-CFP20 and below are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be...

CVE-2020-9735

AEM versions 6.5.5.0 and below, 6.4.8.1 and below, 6.3.3.8 and below and 6.2 SP1-CFP20 and below are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be...

CVE-2020-9734

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

Cross site scripting

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

CVE-2020-9734 Stored XSS in AEM Forms component

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

CVE-2020-9736

CVE-2020-9736 affects Adobe Experience Manager: stored XSS in the Content Repository Development Environment allowing malicious scripts to be stored in certain node fields and potentially execute in a victim’s browser. Affected versions include AEM 6.5.5.0 and below, 6.4.8.1 and below, 6.3.3.8 an...

CVE-2020-9738 Stored XSS in AEM's Content Repository Development Environment

AEM versions 6.5.5.0 and below, 6.4.8.1 and below, 6.3.3.8 and below and 6.2 SP1-CFP20 and below are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be...

CVE-2020-9737 Stored XSS in AEM's Content Repository Development Environment

AEM versions 6.5.5.0 and below, 6.4.8.1 and below, 6.3.3.8 and below and 6.2 SP1-CFP20 and below are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be...