42 matches found
CVE-2025-64801
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
EUVD-2020-17164
Malware in sbrugna...
EUVD-2020-30521
Malware in sbrugna...
EUVD-2020-30514
Malware in sbrugna...
EUVD-2020-30512
Malware in sbrugna...
EUVD-2021-27887
Malicious code in bioql PyPI...
Exploit for CVE-2025-54253
!Explo...
APSB25-82 : Security update available for Adobe AEM Forms
Adobe has released a security update for Adobe Experience Manager Forms on Java Enterprise Edition JEE. This update addresses critical vulnerabilities that could lead to arbitrary code execution and arbitrary file system read...
APSB25-67 : Security update available for Adobe AEM Forms
Adobe has released a security update for Adobe Experience Manager Forms on JEE. This update addresses a critical vulnerability that could lead to arbitrary code execution...
APSB25-27 : Security update available for Adobe AEM Forms
Adobe has released security updates for AEM Forms on JEE versions for a dependency on vulnerable Third-Party Component . This dependency update resolves an important vulnerability that could lead to path traversal and case sensitive match exception...
CVE-2021-40722
AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE...
CVE-2021-40722
AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE...
Xxe
AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE...
CVE-2021-40722
Adobe Experience Manager (AEM) – CVE-2021-40722 affects AEM Forms Cloud Service and on-prem 6.5.10.0 and earlier via an XML External Entity (XXE) injection that can lead to RCE. The connected advisories list this CVE as part of APSB21-103 and note remediation by upgrading to 6.5.11.0 or applying ...
CVE-2021-40722 AEM Forms Improper Restriction of XML External Entity Reference
AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE...
Adobe: AEM forms XXE Vulnerability
AEM Forms Cloud Service offering, as well as version 6.5.10.0 and below are affected by an XML External Entity XXE injection vulnerability that could be abused by an attacker to achieve RCE. CVE: CVE-2021-40722 Ref: https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html We...
CVE-2020-24444
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...
CVE-2020-24444
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...
Server side request forgery (ssrf)
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 6.4.8.2 have a blind Server-Side Request Forgery SSRF vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems tha...
CVE-2020-24444
CVE-2020-24444 is a blind SSRF vulnerability affecting Adobe Experience Manager (AEM) Forms add-on components: specifically the AEM Forms SP6 add-on for AEM 6.5.6.0 and the Forms add-on package for AEM 6.4 Service Pack 8 CFP 2 (6.4.8.2). The underlying issue is a blind server-side request forgery...