Lucene search
+L

42 matches found

Cvelist
Cvelist
added 2020/12/10 5:32 a.m.26 views

CVE-2020-24444 Blind SSRF in Forms add-on for AEM

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...

5.8CVSS5.6AI score0.02077EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/12/10 12:0 a.m.40 views

Adobe Experience Manager 6.2 <= 6.2 SP1-CFP20 / 6.3 <= 6.3.3.8 / 6.4 < 6.4.8.3 / 6.5 < 6.5.7.0 Multiple Vulnerabilities (APSB20-01)

The version of Adobe Experience Manager installed on the remote host is affected by multiple vulnerabilities as referenced in the APSB20-72 advisory, as follows: - AEM's Cloud Service offering, as well as versions 6.5.6.0 and below, 6.4.8.2 and below and 6.3.3.8 and below are affected by a stored...

9CVSS7AI score0.02535EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2020/12/08 11:0 p.m.4 views

CVE-2020-24444

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...

5.8CVSS6AI score0.02077EPSS
Exploits0References2
Adobe
Adobe
added 2020/12/08 12:0 a.m.47 views

APSB20-72 Security update available for Adobe Experience Manager

Adobe has released updates for Adobe Experience Manager AEM and the AEM Forms add-on package. These updates resolve vulnerabilities rated Critical and Important...

7.8AI score
Exploits0Affected Software2
NVD
NVD
added 2020/09/10 5:15 p.m.24 views

CVE-2020-9741

The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

9CVSS0.01884EPSS
Exploits0References1
OSV
OSV
added 2020/09/10 5:15 p.m.6 views

CVE-2020-9741

The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

5.4CVSS6AI score0.01884EPSS
Exploits0References1
NVD
NVD
added 2020/09/10 5:15 p.m.31 views

CVE-2020-9734

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

9CVSS0.01884EPSS
Exploits0References1
NVD
NVD
added 2020/09/10 5:15 p.m.26 views

CVE-2020-9732

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...

9CVSS0.02809EPSS
Exploits0References1
OSV
OSV
added 2020/09/10 5:15 p.m.7 views

CVE-2020-9732

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...

9CVSS5.8AI score0.02809EPSS
Exploits0References1
Prion
Prion
added 2020/09/10 5:15 p.m.25 views

Cross site scripting

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

3.5CVSS5.5AI score0.01884EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/09/10 5:15 p.m.24 views

Cross site scripting

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...

6CVSS8.1AI score0.02809EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2020/09/10 5:15 p.m.22 views

Cross site scripting

The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

3.5CVSS5.5AI score0.01884EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/10 4:35 p.m.30 views

CVE-2020-9734 Stored XSS in AEM Forms component

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.1 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

9CVSS8.4AI score0.01884EPSS
Exploits0References1
CVE
CVE
added 2020/09/10 4:35 p.m.68 views

CVE-2020-9734

The CVE-2020-9734 issue affects Adobe Experience Manager (AEM) Forms add-on versions 6.5.5.0 and earlier and 6.4.8.1 and earlier. It is a stored XSS vulnerability that lets users with Author privileges store scripts in Forms fields, which could be executed in a victim’s browser when opening the a...

9CVSS5.4AI score0.01884EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/10 4:35 p.m.25 views

CVE-2020-9741 Stored XSS in AEM Forms Components

The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

9CVSS8.4AI score0.01884EPSS
Exploits0References1
CVE
CVE
added 2020/09/10 4:35 p.m.42 views

CVE-2020-9741

The CVE-2020-9741 entry concerns Adobe Experience Manager (AEM) Forms add-on vulnerabilities. Affected versions: AEM Forms add-on 6.5.5.0 (and below) and 6.4.8.2 (and below). The issue is a stored XSS in fields associated with the Forms component, exploitable by users with Author privileges. When...

9CVSS5.4AI score0.01884EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/10 4:35 p.m.35 views

CVE-2020-9732 Stored XSS in AEM Sites Components

The AEM Forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...

9CVSS8.2AI score0.02809EPSS
Exploits0References1
CVE
CVE
added 2020/09/10 4:35 p.m.60 views

CVE-2020-9732

CVE-2020-9732 affects Adobe Experience Manager (AEM) Forms add-on for versions 6.5.5.0 and earlier and 6.4.8.2 and earlier. Root cause is a stored XSS in fields for the Sites component, allowing an author to store malicious scripts that execute in a viewer’s browser when the vulnerable page is op...

9CVSS8.3AI score0.02809EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2017/05/09 4:0 p.m.61 views

CVE-2017-3067

CVE-2017-3067 affects Adobe Experience Manager Forms (AEM Forms) versions 6.0–6.2, with an information disclosure vulnerability caused by abuse of the pre-population service. Exploitation could disclose sensitive information via the pre-population mechanism. Adobe released APSB17-16 security upda...

7.5CVSS7.2AI score0.04791EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2017/05/09 12:16 p.m.16 views

Adobe Patches Seven Critical Vulnerabilities in Flash, AEM

Adobe fixed eight vulnerabilities, seven critical, in Flash Player and its Adobe Experience Manager AEM Forms product as part of a regularly scheduled update Tuesday morning. All seven of the Flash Player bugs can lead to code execution and should be considered critical, according to a security...

0.7AI score
Exploits0References2
Rows per page
Query Builder