CVE-2021-40711
Adobe Experience Manager (AEM) 6.5.9.0 and earlier are affected by a stored XSS in Content Fragments creation. An authenticated attacker can send a malformed POST to cause arbitrary code execution, with malicious JavaScript potentially running in victims’ browsers. Publicly documented remediation...