CVE-2022-28820
ACS Commons 5.1.x and earlier are affected by a Reflected Cross-site Scripting (XSS) in the /apps/acs-commons/content/page-compare.html endpoint via the a and b GET parameters. User input is not validated or sanitized, enabling an attacker who can supply a link to a user with AEM Author access to...