CVE-2024-36205 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-36179 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26093 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

CVE-2024-26093 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

CVE-2024-36207 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26123

CVE-2024-26123 affects Adobe Experience Manager (AEM) 6.5.20 and earlier with a stored XSS vulnerability in form fields. The issue allows injected JavaScript to run in a victim’s browser when visiting vulnerable pages. CVSS 3.1 base score is 5.4 (Medium) with Network access, Low attack complexity...

CVE-2024-26095

Summary of CVE-2024-26095 (Adobe Experience Manager) : AEM 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing an attacker to inject malicious JavaScript that executes in a victim’s browser when loading the affected page. The do...

CVE-2024-36189 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-36189

CVE-2024-36189 affects Adobe Experience Manager 6.5.20 and earlier with a stored XSS in vulnerable form fields. Exploitation can cause malicious JavaScript to run in a victim’s browser when visiting pages containing the field. The issue is acknowledged in public advisories and a remediation updat...

CVE-2024-36234

Adobe Experience Manager (AEM)

CVE-2024-36143

CVE-2024-36143 affects Adobe Experience Manager 6.5.20 and earlier with a stored XSS in vulnerable form fields. Malicious JavaScript can execute in a victim’s browser when visiting pages containing the field. CVSS v3.1 base score 5.4 (MEDIUM); attack vector Network, user interaction Required, imp...

CVE-2024-36188 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-36188

CVE-2024-36188 affects Adobe Experience Manager (AEM) versions 6.5.20 and earlier. The issue is a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing an attacker to inject and execute malicious JavaScript in a victim’s browser when visiting the affected page. The N...

CVE-2024-36170

Adobe Experience Manager (AEM) up to version 6.5.20 is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields due to improper input validation. The CVE-2024-36170 issue can allow an attacker to inject malicious JavaScript that executes in a user’s browser when vis...

CVE-2024-36201 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-36171

Adobe Experience Manager (AEM) versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, enabling injection of malicious scripts that execute in a user’s browser when loading the page containing the vulnerable field. The CVE entry is ...

CVE-2024-26078 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26078

Adobe Experience Manager (AEM) 6.5.20 and earlier contains a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing attacker-supplied scripts to execute in a victim’s browser. The issue is explicitly tied to CVE-2024-26078 and is cited alongside related XSS CVEs in th...

CVE-2024-36151 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting XSS vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user...

CVE-2024-36235

CVE-2024-36235 affects Adobe Experience Manager (AEM) versions 6.5.20 and earlier, due to a DOM-based XSS vulnerability that can lead to arbitrary JavaScript execution in a victim’s browser when a user interacts with crafted content. Exploitation requires user interaction. The issue is addressed ...