Cross-site Scripting (XSS)

Astro is vulnerable to Cross Site Scripting XSS. The vulnerability is due to a Reflected Cross-Site Scripting XSS vulnerability in Astro's development server error pages when the trailingSlash configuration option is used, where an attacker can inject arbitrary JavaScript code that executes in th...

CVE-2025-47054

CVE-2025-47054 affects Adobe Experience Manager (AEM) 6.5.22 and earlier, due to a DOM-based XSS flaw caused by improper validation of user-supplied input. An attacker with low privileges can exploit it by prompting a victim to visit a crafted page, executing JavaScript in the victim’s browser (u...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2023-48599

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48474

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-22269

Experience Manager versions 6.5.15.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...