CVE-2024-52827

Adobe Experience Manager (AEM) 6.5.21 and earlier contains a stored XSS vulnerability in vulnerable form fields that could allow an attacker to inject malicious JavaScript and cause it to execute in a victim’s browser. Affected versions are explicitly listed as 6.5.21 and earlier; remediation is ...

CVE-2024-52858

CVE-2024-52858 affects Adobe Experience Manager (AEM) 6.5.21 and earlier, with a stored XSS vulnerability in vulnerable form fields. An attacker can inject malicious JavaScript that executes in a victim’s browser when the page containing the vulnerable field is loaded or interacted with. Affected...

CVE-2024-52824

Adobe Experience Manager (AEM) versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. Malicious JavaScript could be injected by an attacker and executed in a victim’s browser when they visit a page containing the vulnerable field. ...

CVE-2024-52853

CVE-2024-52853 affects Adobe Experience Manager 6.5.21 and earlier with a stored XSS vulnerability in vulnerable form fields. An attacker could inject malicious scripts executed in a victims browser when accessing the affected page. Remediation visible in advisory APSB24-69; update to 6.5.22 or ...

CVE-2024-52847 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52993 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43735

CVE-2024-43735 affects Adobe Experience Manager (AEM) 6.5.21 and earlier with a reflected Cross-Site Scripting (XSS) vulnerability that can execute malicious JavaScript in a victim’s browser when a user visits a crafted URL referencing a vulnerable page. The CVSS vector indicates Network access, ...

CVE-2024-43744 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43736

CVE-2024-43736 is a stored XSS flaw affecting Adobe Experience Manager (AEM) 6.5.21 and earlier. The vulnerability allows injected JavaScript in vulnerable form fields, executing in a victim’s browser when the page is loaded. The connected advisory APSB24-69 confirms AEM updates are available to ...

CVE-2024-54049

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54049

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54045

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2024-54040

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-54043

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2024-54034

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. A...

CVE-2024-49550

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54048 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2024-54045 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2024-54045

CVE-2024-54045 is a reflected Cross-Site Scripting (XSS) vulnerability in Adobe Connect affecting 12.6 and earlier, including 11.4.7 and earlier. The issue is documented across multiple sources (NVD entry and related advisories). The vulnerability allows an unauthenticated attacker to lure a vict...

CVE-2024-54043 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...