CVE-2021-28628
CVE-2021-28628 is an XSS vulnerability affecting Adobe Experience Manager (AEM) Cloud Service and on-prem versions 6.5.8.0 and earlier, specifically in inbox render.jsp. The root cause is cross-site scripting via vulnerable form fields, allowing malicious JavaScript to run in a victim’s browser w...