CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2024/06/13 7:53 a.m.•28 views

CVE-2024-26037 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS0.0145EPSS

CVE•added 2024/06/13 7:53 a.m.•58 views

CVE-2024-36156

CVE-2024-36156 affects Adobe Experience Manager (AEM) 6.5.20 and earlier. It is a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields that could allow an attacker to inject malicious scripts, with malicious JavaScript executed in a victim’s browser when visiting the page con...

Vulnrichment•added 2024/06/13 7:53 a.m.•16 views

CVE-2024-36156 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE•added 2024/06/13 7:53 a.m.•52 views

CVE-2024-20769

CVE-2024-20769 concerns Adobe Experience Manager (AEM) versions 6.5.20 and earlier, with a stored Cross-Site Scripting (XSS) vulnerability that could allow injection of malicious scripts into vulnerable form fields, leading to JavaScript execution in a victim’s browser when loading the affected p...

Vulnrichment•added 2024/06/13 7:53 a.m.•16 views

CVE-2024-20769 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Vulnrichment•added 2024/06/13 7:53 a.m.•17 views

CVE-2024-36229 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.5AI score0.03537EPSS

CVE•added 2024/06/13 7:53 a.m.•106 views

CVE-2024-36236

CVE-2024-36236 affects Adobe Experience Manager 6.5.20 and earlier with a DOM-based XSS that can allow arbitrary JavaScript in a victim’s browser, typically requiring user interaction. Adobe has released updates (APSB24-28) to fix these issues; customers should upgrade to 6.5.21+ or apply the ava...

5.4CVSS5.5AI score0.02949EPSS

CVE•added 2024/06/13 7:53 a.m.•56 views

CVE-2024-26082

Affected product/versions: Adobe Experience Manager (AEM) 6.5.20 and earlier. Vulnerability type: Stored Cross-Site Scripting (XSS) in vulnerable form fields. Root cause/impact: Malicious JavaScript can be injected and executed in a victim’s browser when visiting a page containing the vulnerable ...

5.4CVSS5.3AI score0.01644EPSS

CVE•added 2024/06/13 7:53 a.m.•57 views

CVE-2024-26088

Adobe Experience Manager (AEM) versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing an attacker to inject malicious scripts that execute in a victim’s browser. The issue stems from the DOM/storage of user-provided input ...

5.4CVSS5.3AI score0.01615EPSS

Vulnrichment•added 2024/06/13 7:53 a.m.•20 views

CVE-2024-26088 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.3AI score0.01615EPSS

Cvelist•added 2024/06/13 7:53 a.m.•30 views

CVE-2024-36211 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS0.01615EPSS

Cvelist•added 2024/06/13 7:53 a.m.•25 views

CVE-2024-36233 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS0.02635EPSS

CVE•added 2024/06/13 7:53 a.m.•57 views

CVE-2024-36225

CVE-2024-36225 affects Adobe Experience Manager versions 6.5.20 and earlier with a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. Malicious JavaScript could be executed in a victim’s browser when loading pages containing the vulnerable field. The issue is documented in...

5.4CVSS5.3AI score0.03537EPSS

Cvelist•added 2024/06/13 7:53 a.m.•21 views

CVE-2024-26110 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.01781EPSS

CVE•added 2024/06/13 7:53 a.m.•64 views

CVE-2024-26110

Adobe Experience Manager 6.5.20 and earlier are affected by a stored XSS in vulnerable form fields. An attacker can inject script and have it execute in a victim’s browser when visiting the page containing the field. The issue stems from improper validation of user input. Adobe has released updat...

Vulnrichment•added 2024/06/13 7:53 a.m.•18 views

CVE-2024-26110 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Cvelist•added 2024/06/13 7:53 a.m.•18 views

CVE-2024-36206 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS0.01615EPSS

Vulnrichment•added 2024/06/13 7:53 a.m.•19 views

CVE-2024-36153 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

CVE•added 2024/06/13 7:53 a.m.•73 views

CVE-2024-36230

CVE-2024-36230 affects Adobe Experience Manager (AEM) versions 6.5.20 and earlier. The issue is a DOM-based Cross-Site Scripting (XSS) vulnerability that could let an attacker run arbitrary JavaScript in a victim’s browser context. Exploitation normally requires user interaction (e.g., clicking a...

5.4CVSS5.6AI score0.08859EPSS