CVE-2024-26087 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-20779

Adobe Experience Manager (AEM) versions 6.5.19 and earlier are affected by a stored XSS vulnerability in vulnerable form fields. Root cause described in PT-2024-2857 as inadequate protection of the web page structure, allowing injected JavaScript to execute in a victim’s browser. AEM APSB24-21 pr...

CVE-2024-20780 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26046

CVE-2024-26046 affects Adobe Experience Manager up to version 6.5.19 (and earlier). It is a stored Cross‑Site Scripting (XSS) vulnerability where malicious JavaScript can be injected into vulnerable form fields and executed in a victim’s browser when visiting the affected page. Remediation: upgra...

CVE-2024-26046 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26076 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26084

CVE-2024-26084 affects Adobe Experience Manager (AEM) versions 6.5.19 and earlier. It is a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing an attacker to inject malicious scripts that execute in a victim’s browser when the page containing the field is loaded. A...

CVE-2024-26076 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26076

Affected product/versions: Adobe Experience Manager (AEM) 6.5.19 and earlier. Vulnerability: stored Cross-Site Scripting (XSS) in vulnerable form fields (CVE-2024-26076). Impact (as described): attacker can inject malicious JavaScript, which executes in a victim’s browser when visiting the affect...

CVE-2024-26084 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26122 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26122

Adobe Experience Manager (AEM) versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability tracked as CVE-2024-26122. The issue occurs in vulnerable form fields where attacker-supplied input is stored and later rendered in a victim’s browser, enabling injection o...

CVE-2024-26047 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26047

Adobe Experience Manager (AEM) versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue could allow an attacker to inject JavaScript that executes in a victim’s browser when visiting a page containing the vulnerable field. ...

CVE-2024-26098

CVE-2024-26098 affects Adobe Experience Manager (AEM) 6.5.19 and earlier. The vulnerability is a stored Cross-Site Scripting (XSS) in vulnerable form fields, allowing an attacker to inject malicious scripts that may execute in a victim’s browser when visiting a page containing the affected field....

PT-2024-26648 · Unknown · Anything-Llm

Name of the Vulnerable Software and Affected Versions: anything-llm affected versions not specified Description: A stored Cross-Site Scripting XSS vulnerability exists in the chat functionality, allowing attackers to execute arbitrary JavaScript in the context of a user's session. By manipulating...

PT-2024-2857 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.19 and earlier Description: The issue exists due to inadequate protection of the web page structure. An attacker could exploit this to inject malicious scripts into vulnerable form fields, potentially...

CVE-2024-20800

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2024-20800

CVE-2024-20800 affects Adobe Experience Manager versions 6.5.19 and earlier. The issue is a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable web pages, potentially leading to arbitrary code executio...

CVE-2024-20800 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they...