3 matches found
Adobe Experience Manager 6.2.x <= 6.2 SP1-CFP20 / 6.3.x <= 6.3.3.8 / 6.4.x < 6.4.8.2 / 6.5.x < 6.5.6.0 (APSB20-56)
The version of Adobe Experience Manager installed on the remote host is 6.2.x through 6.2 SP1-SFP20, 6.3.x through 6.3.3.8, 6.4.x prior to 6.4.8.2, or 6.5.x prior to 6.5.6.0. It is, therefore, affected by multiple vulnerabilities: - Adobe Experience Manager executes with unnecessary privileges,...
CVE-2020-9742
CVE-2020-9742 affects Adobe Experience Manager (AEM) versions 6.5.5.0 and below, 6.4.8.1 and below, and 6.3.3.8 and below, via a stored XSS in the Inbox calendar fields that can execute malicious scripts in a victim’s browser when the vulnerable page is opened. The issue is confirmed in multiple ...
CVE-2020-9742 Reflected XSS in AEM Inbox module
AEM versions 6.5.5.0 and below, 6.4.8.1 and below and 6.3.3.8 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Inbox calendar feature. These scripts may be executed in a victim’s browser when...