CVE-2023-48473 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48591

Adobe Experience Manager (AEM) 6.5.18 and earlier is affected by a DOM-based XSS vulnerability (CVE-2023-48591) that allows a low-privileged attacker to lure a victim to a crafted URL and have malicious JavaScript run in the victim’s browser. The CVE is documented with a CVSS v3.1 base score of 5...

CVE-2023-48567 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48567

Adobe Experience Manager (AEM) versions 6.5.18 and earlier are affected by a DOM-based XSS vulnerability (CVE-2023-48567) that can execute attacker-supplied JavaScript in the victim’s browser when a vulnerable page is visited via a crafted URL. The issue requires low privileges and user interacti...

CVE-2023-48488

Adobe Experience Manager (AEM) versions 6.5.18 and earlier are affected by a DOM-based XSS (CVE-2023-48488). A low-privilege attacker can entice a victim to visit a URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s browser context. Root cause not explicitl...

CVE-2023-48488 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48532

Adobe Experience Manager (AEM) versions 6.5.18 and earlier are affected by a DOM-based XSS vulnerability (CVE-2023-48532). The issue allows a low-privileged attacker to cause malicious JavaScript to run in a victim’s browser when the victim visits a URL referencing a vulnerable page. The core imp...

CVE-2023-48532 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48457

Adobe Experience Manager (AEM) versions 6.5.18 and earlier are affected by a DOM-based XSS vulnerability. A low-privileged attacker could entice a user to visit a vulnerable page URL, leading to execution of malicious JavaScript in the victim’s browser. Connected sources confirm the affected prod...

CVE-2023-48457 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48565 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48565

CVE-2023-48565 affects Adobe Experience Manager (AEM) versions 6.5.18 and earlier. The vulnerability is a DOM-based Cross-site Scripting (XSS) in which an attacker could lure a low-privileged victim to visit a URL referencing a vulnerable page, causing malicious JavaScript to execute in the victi...

CVE-2023-48452 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48452 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48614

Adobe Experience Manager 6.5.18 and earlier is affected by a DOM-based XSS vulnerability. If a low-privileged attacker lures a user to a URL referencing a vulnerable page, malicious JavaScript can execute in the victim’s browser. The issue is confirmed in multiple sources noting AEM’s REST/UI sur...

CVE-2023-48451

CVE-2023-48451 affects Adobe Experience Manager (AEM) versions 6.5.18 and earlier. The issue is a DOM-based XSS vulnerability that allows a low-privilege attacker to cause a victim’s browser to execute malicious JavaScript when the victim visits a crafted URL referencing a vulnerable page. The CV...

CVE-2023-48451 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48617

Adobe Experience Manager (AEM) versions 6.5.18 and earlier are affected by a DOM-based XSS vulnerability (CVE-2023-48617). An attacker with low privileges can lure a user to visit a vulnerable page, causing malicious JavaScript to execute in the victim’s browser. The issue arises from DOM-based X...

CVE-2023-48617 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48583 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...