Lucene search
K

13503 matches found

Nuclei
Nuclei
added yesterday24 views

Liferay Portal & DXP - Cross-Site Scripting

Liferay Portal 7.4.0 through 7.4.3.133 and Liferay DXP 2024.Q1.1 through 2025.Q1.4 contain a reflected XSS caused by improper sanitization in entrycoverimagecaption.jsp, letting remote non-authenticated attackers inject JavaScript. id: CVE-2025-4576 info: name: Liferay Portal & DXP - Cross-Site...

6.9CVSS6.1AI score0.00588EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday34 views

Adobe Experience Manager ≤ 6.5.23.0 - XML Injection

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. id: CVE-2025-54251 info: name: Adobe Experience Manager ≤ 6.5.23.0 - XML Injection author: DhiyaneshDK,assetnote severity: medium description: |...

4.3CVSS6.1AI score0.01609EPSS
Exploits0
NVD
NVD
added 2 days ago5 views

CVE-2026-48355

Adobe Experience Manager is affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the...

5.4CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48359

Adobe Experience Manager is affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could exploit this vulnerability to read sensitive files, potentially...

9.6CVSS0.00534EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48262

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48310

Adobe Experience Manager is affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access...

8.6CVSS0.00552EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48253

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48260

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48261

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-48252

Adobe Experience Manager is affected by a Missing Authentication for Critical Function vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not...

8.6CVSS0.00434EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48254

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48257

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48255

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48259

Adobe Experience Manager is affected by a Server-Side Request Forgery SSRF vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could leverage this vulnerability to issue unauthorized server-side requests, potentially gaining...

9.6CVSS0.00407EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-48310

Adobe Experience Manager (AEM) is affected by an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal, CWE-22) vulnerability that could enable arbitrary file system read. The issue arises from an improper pathname restriction, allowing access to sensitive files outside the ...

8.6CVSS6.2AI score0.00552EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-48259

Adobe Experience Manager is affected by a Server-Side Request Forgery (SSRF) vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires no user interaction, with a low-privileged attacker potentially issuing unauthorized server-side requests ...

9.6CVSS6.5AI score0.00407EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2 days ago3 views

CVE-2026-48259 Adobe Experience Manager | Server-Side Request Forgery (SSRF) (CWE-918)

Adobe Experience Manager is affected by a Server-Side Request Forgery SSRF vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could leverage this vulnerability to issue unauthorized server-side requests, potentially gaining...

9.6CVSS6.5AI score0.00407EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2 days ago5 views

CVE-2026-48359 Adobe Experience Manager | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)

Adobe Experience Manager is affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could exploit this vulnerability to read sensitive files, potentially...

9.6CVSS6.5AI score0.00534EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-48359

Adobe Experience Manager is affected by an XML External Entity (XXE) vulnerability (CVE-2026-48359) due to improper restriction of XML External Entity references. It could allow a low-privileged attacker to read sensitive files and potentially gain elevated access or control, with arbitrary code ...

9.6CVSS6.5AI score0.00534EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-48263

CVE-2026-48263 : Adobe Experience Manager is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue allows a low-privileged attacker to inject malicious scripts, which may execute in a victim’s browser when visiting a page containing the vulnerable fiel...

5.4CVSS6.1AI score0.00294EPSS
Exploits0References1
Rows per page
Query Builder