623 matches found
CVE-2022-30680 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-30685 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-30685 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-30678 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-30678 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to decrypt secrets, however, this i...
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to decrypt secrets, however, this i...
CVE-2022-30677 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-30677 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
PT-2022-6387 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.13.0 and earlier Description: The issue is a reflected Cross-Site Scripting XSS vulnerability. If an attacker convinces a victim to visit a URL referencing a vulnerable page, malicious JavaScript content...
PT-2022-21175 · Sap Se +1 · Sap Businessobjects Business Intelligence Platform +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue allows an attacker with high privilege access and authenticated as a CMS administrator to access and modify system data in the BOE Commentary database. This can be done under...
PT-2022-5046 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.13.0 and earlier Description: The issue is related to a reflected Cross-Site Scripting XSS vulnerability. An attacker can exploit this by convincing a victim to visit a URL referencing a vulnerable page,...
PT-2022-5056 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.13.0 and earlier Description: The issue is related to a reflected Cross-Site Scripting XSS vulnerability. An attacker can exploit this by convincing a victim to visit a URL referencing a vulnerable page,...
PT-2022-5059 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.13.0 and earlier Description: The issue is related to the lack of protection of the web page structure in Adobe Experience Manager, allowing a remote attacker to conduct cross-site scripting attacks using...
PT-2022-5043 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.13.0 and earlier Description: The issue is related to a reflected Cross-Site Scripting XSS vulnerability. If an attacker convinces a victim to visit a URL referencing a vulnerable page, malicious JavaScri...
PT-2022-5058 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.13.0 and earlier Description: The issue is related to a reflected Cross-Site Scripting XSS vulnerability. If an attacker convinces a victim to visit a URL referencing a vulnerable page, malicious JavaScri...
ASB-A-219808546
In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation...