16 matches found
EUVD-2020-30513
Malware in sbrugna...
CVE-2021-21084
AEM's Cloud Service offering, as well as versions 6.5.7.0 and below, 6.4.8.3 and below and 6.3.3.8 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-21667)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
CVE-2023-22258 AEM URL Redirection to Untrusted Site Security feature bypass
Experience Manager versions 6.5.15.0 and earlier are affected by a URL Redirection to Untrusted Site 'Open Redirect' vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interactio...
CVE-2023-22260 AEM URL Redirection to Untrusted Site Security feature bypass
Experience Manager versions 6.5.15.0 and earlier are affected by a URL Redirection to Untrusted Site 'Open Redirect' vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interactio...
CVE-2023-22252 AEM Reflected XSS Arbitrary code execution
Experience Manager versions 6.5.15.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-22269 AEM Reflected XSS Arbitrary code execution
Experience Manager versions 6.5.15.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-22253 AEM Reflected XSS Arbitrary code execution
Experience Manager versions 6.5.15.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-22271 AEM Weak Cryptography for Passwords Security feature bypass
Experience Manager versions 6.5.15.0 and earlier are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful...
CVE-2023-22262 AEM URL Redirection to Untrusted Site Security feature bypass
Experience Manager versions 6.5.15.0 and earlier are affected by a URL Redirection to Untrusted Site 'Open Redirect' vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interactio...
CVE-2023-22263 AEM URL Redirection to Untrusted Site Security feature bypass
Experience Manager versions 6.5.15.0 and earlier are affected by a URL Redirection to Untrusted Site 'Open Redirect' vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interactio...
CVE-2022-44463 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-44470 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass
Adobe Experience Manager versions 6.5.13.0 and earlier is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to decrypt secrets, however, this i...