2 matches found
CVE-2024-26074 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...
CVE-2024-26074
Adobe Experience Manager (AEM) 6.5.20 and earlier are affected by a stored XSS vulnerability (CVE-2024-26074) in vulnerable form fields, allowing injected JavaScript to run in a victim’s browser. Remediation: upgrade to 6.5.21 or later (per APSB24-28). The CVSS v3.1 base score is 5.4 (Medium). If...