EUVD-2021-30669

Malicious code in bioql PyPI...

EUVD-2021-31027

Malicious code in bioql PyPI...

EUVD-2021-30672

Malicious code in bioql PyPI...

CVE-2021-43764

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2021-43765

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2021-44176

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2021-40722

AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE...

Cross site scripting

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

Cross site scripting

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

Security feature bypass

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a dispatcher bypass vulnerability that could be abused to evade security controls. Sensitive areas of the web application may be exposed through exploitation of the vulnerability...

Cross site scripting

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2021-43764 Adobe Experience Manager Stored XSS in the Spin Set

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2021-44177 Adobe Experience Manager Stored XSS in user name parameter in the package manager

AEM's Cloud Service offering, as well as version 6.5.10.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2021-43762

CVE-2021-43762 affects Adobe Experience Manager (AEM) Cloud Service and on‑prem 6.5.10.0 and earlier, via a dispatcher bypass that could bypass security controls and expose sensitive areas of the web app. The issue is documented across multiple sources (NVD/NVDA, Nessus APSB21-103). Remediation i...

Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager is an enterprise content management solution that helps you simplify the management and delivery of content and assets. Adobe Experience Manager CS, version 6.5.10.0 is vulnerable to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execu...

Adobe Experience Manager improper input validation vulnerability

Adobe Experience Manager is an enterprise content management solution that helps you simplify the management and delivery of content and assets. Adobe Experience Manager CS, version 6.5.10.0 is vulnerable to improper input validation. An attacker could exploit this vulnerability to cause a denial...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2021-79744)

Adobe Experience Manager is an enterprise content management solution that helps you simplify the management and delivery of content and assets. Adobe Experience Manager CS, version 6.5.10.0 is vulnerable to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execu...

Adobe: AEM forms XXE Vulnerability

AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE. CVE: CVE-2021-40722 Ref: https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html We...