2 matches found
Adobe Experience Manager 6.2.x <= 6.2 SP1-CFP20 / 6.3.x <= 6.3.3.8 / 6.4.x < 6.4.8.2 / 6.5.x < 6.5.6.0 (APSB20-56)
The version of Adobe Experience Manager installed on the remote host is 6.2.x through 6.2 SP1-SFP20, 6.3.x through 6.3.3.8, 6.4.x prior to 6.4.8.2, or 6.5.x prior to 6.5.6.0. It is, therefore, affected by multiple vulnerabilities: - Adobe Experience Manager executes with unnecessary privileges,...
CVE-2020-9740
CVE-2020-9740 is a stored XSS vulnerability in Adobe Experience Manager (AEM) affecting 6.5.5.0 and below, 6.4.8.1 and below, 6.3.3.8 and below, and 6.2 SP1‑CFP20 and below. The issue allows users with Author privileges to store malicious scripts in fields used by the Design Importer, which can e...