3 matches found
biz.netcentric.cq.tools.aemmjml:aemmjml-components-bundle (=0.1.0), com.adobe.aem.commons:assetshare.core (>=1.9.6 <=3.13.6) +23 more potentially affected by CVE-2022-35697 via com.adobe.cq:core.wcm.components.core (>=1.1.0 <=2.20.6)
com.adobe.cq:core.wcm.components.core MAVEN version =1.1.0, =1.9.6, =2012.12.01, =2012.12.01, =0.0.6, =0.0.4, =0.0.6, =0.0.6, =1.2.0, =0.1.0, =2.5.0, =2.10.0, =2.10.0, =2.10.0, =2.20.6 and more Source cves: CVE-2022-35697 Source advisory: OSV:GHSA-QCGC-6Q86-7X2P...
CVE-2022-35697
Adobe Experience Manager Core Components 2.20.6 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that can execute malicious JavaScript in a victim’s browser when a user visits a crafted URL. Exploitation requires low author privileges and a user to visit the link; ...
CVE-2022-35697 AEM File Upload Security Issue leading to RXSS
Adobe Experience Manager Core Components version 2.20.6 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...