CVE-2024-52835 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43725 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52849 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52827

Adobe Experience Manager (AEM) 6.5.21 and earlier contains a stored XSS vulnerability in vulnerable form fields that could allow an attacker to inject malicious JavaScript and cause it to execute in a victim’s browser. Affected versions are explicitly listed as 6.5.21 and earlier; remediation is ...

CVE-2024-52858

CVE-2024-52858 affects Adobe Experience Manager (AEM) 6.5.21 and earlier, with a stored XSS vulnerability in vulnerable form fields. An attacker can inject malicious JavaScript that executes in a victim’s browser when the page containing the vulnerable field is loaded or interacted with. Affected...

CVE-2024-52824

Adobe Experience Manager (AEM) versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. Malicious JavaScript could be injected by an attacker and executed in a victim’s browser when they visit a page containing the vulnerable field. ...

CVE-2024-52853

CVE-2024-52853 affects Adobe Experience Manager 6.5.21 and earlier with a stored XSS vulnerability in vulnerable form fields. An attacker could inject malicious scripts executed in a victims browser when accessing the affected page. Remediation visible in advisory APSB24-69; update to 6.5.22 or ...

CVE-2024-52847 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52993 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43735

CVE-2024-43735 affects Adobe Experience Manager (AEM) 6.5.21 and earlier with a reflected Cross-Site Scripting (XSS) vulnerability that can execute malicious JavaScript in a victim’s browser when a user visits a crafted URL referencing a vulnerable page. The CVSS vector indicates Network access, ...

CVE-2024-43744 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43736

CVE-2024-43736 is a stored XSS flaw affecting Adobe Experience Manager (AEM) 6.5.21 and earlier. The vulnerability allows injected JavaScript in vulnerable form fields, executing in a victim’s browser when the page is loaded. The connected advisory APSB24-69 confirms AEM updates are available to ...

CVE-2024-54049

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54049

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54045

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2024-54043

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2024-54040

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-54034

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. A...

CVE-2024-49550

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54048 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...