42 matches found
CVE-2020-24444 Blind SSRF in Forms add-on for AEM
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...
Adobe Experience Manager 6.2 <= 6.2 SP1-CFP20 / 6.3 <= 6.3.3.8 / 6.4 < 6.4.8.3 / 6.5 < 6.5.7.0 Multiple Vulnerabilities (APSB20-01)
The version of Adobe Experience Manager installed on the remote host is affected by multiple vulnerabilities as referenced in the APSB20-72 advisory, as follows: - AEM's Cloud Service offering, as well as versions 6.5.6.0 and below, 6.4.8.2 and below and 6.3.3.8 and below are affected by a stored...
CVE-2020-24444
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...
APSB20-72 Security update available for Adobe Experience Manager
Adobe has released updates for Adobe Experience Manager AEM and the AEM Forms add-on package. These updates resolve vulnerabilities rated Critical and Important...
CVE-2020-9741
The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
CVE-2020-9741
The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
CVE-2020-9734
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
CVE-2020-9732
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...
CVE-2020-9732
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...
Cross site scripting
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
Cross site scripting
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...
Cross site scripting
The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
CVE-2020-9734 Stored XSS in AEM Forms component
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
CVE-2020-9734
The CVE-2020-9734 issue affects Adobe Experience Manager (AEM) Forms add-on versions 6.5.5.0 and earlier and 6.4.8.1 and earlier. It is a stored XSS vulnerability that lets users with Author privileges store scripts in Forms fields, which could be executed in a victim’s browser when opening the a...
CVE-2020-9741 Stored XSS in AEM Forms Components
The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...
CVE-2020-9741
The CVE-2020-9741 entry concerns Adobe Experience Manager (AEM) Forms add-on vulnerabilities. Affected versions: AEM Forms add-on 6.5.5.0 (and below) and 6.4.8.2 (and below). The issue is a stored XSS in fields associated with the Forms component, exploitable by users with Author privileges. When...
CVE-2020-9732 Stored XSS in AEM Sites Components
The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...
CVE-2020-9732
CVE-2020-9732 affects Adobe Experience Manager (AEM) Forms add-on for versions 6.5.5.0 and earlier and 6.4.8.2 and earlier. Root cause is a stored XSS in fields for the Sites component, allowing an author to store malicious scripts that execute in a viewer’s browser when the vulnerable page is op...
CVE-2017-3067
CVE-2017-3067 affects Adobe Experience Manager Forms (AEM Forms) versions 6.0–6.2, with an information disclosure vulnerability caused by abuse of the pre-population service. Exploitation could disclose sensitive information via the pre-population mechanism. Adobe released APSB17-16 security upda...
Adobe Patches Seven Critical Vulnerabilities in Flash, AEM
Adobe fixed eight vulnerabilities, seven critical, in Flash Player and its Adobe Experience Manager AEM Forms product as part of a regularly scheduled update Tuesday morning. All seven of the Flash Player bugs can lead to code execution and should be considered critical, according to a security...