CVE-2020-9742 Reflected XSS in AEM Inbox module

AEM versions 6.5.5.0 and below, 6.4.8.1 and below and 6.3.3.8 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Inbox calendar feature. These scripts may be executed in a victim’s browser when...