Adobe Experience Manager@* Security Vulnerabilities and Issues — Adobe Experience Manager@* CVE List

Lucene search

AdobeAdobe Experience Manager*

799 matches found

CVE•added 2019/08/16 5:15 p.m.•268 views

CVE-2019-7964

Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.

10CVSS9.7AI score0.44281EPSS

CVE•added 2020/01/15 5:15 p.m.•157 views

CVE-2019-16469

Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.2AI score0.73573EPSS

CVE•added 2019/10/24 6:15 p.m.•95 views

CVE-2019-8080

Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site scripting vulnerability. Successful exploitation could lead to privilege escalation.

6.1CVSS5.8AI score0.01012EPSS

CVE•added 2019/10/24 6:15 p.m.•94 views

CVE-2019-8078

Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.4AI score0.0126EPSS

CVE•added 2019/10/24 6:15 p.m.•93 views

CVE-2019-8079

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.4AI score0.01639EPSS

CVE•added 2024/06/13 8:16 a.m.•93 views

CVE-2024-36236

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user...

5.4CVSS5.5AI score0.01203EPSS

CVE•added 2024/03/18 6:15 p.m.•89 views

CVE-2024-26042

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS5.6AI score0.01681EPSS

CVE•added 2023/09/13 2:15 p.m.•87 views

CVE-2023-38215

Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00305EPSS

CVE•added 2023/06/15 7:15 p.m.•85 views

CVE-2023-29304

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of th...

5.4CVSS5AI score0.03112EPSS

CVE•added 2019/10/25 4:15 p.m.•83 views

CVE-2019-8086

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.1AI score0.54798EPSS

CVE•added 2024/03/18 6:15 p.m.•82 views

CVE-2024-26032

5.4CVSS6.2AI score0.01325EPSS

CVE•added 2024/04/04 9:15 a.m.•80 views

CVE-2024-20800

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they bro...

5.4CVSS6.2AI score0.02342EPSS

CVE•added 2024/03/18 6:15 p.m.•80 views

CVE-2024-26028

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00591EPSS

CVE•added 2023/03/22 5:15 p.m.•77 views

CVE-2023-21615

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5AI score0.00927EPSS

CVE•added 2024/03/18 6:15 p.m.•77 views

CVE-2024-26034

5.4CVSS5.3AI score0.00527EPSS

CVE•added 2019/10/25 4:15 p.m.•76 views

CVE-2019-8087

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.1AI score0.01035EPSS

CVE•added 2023/09/13 2:15 p.m.•75 views

CVE-2023-38214

5.4CVSS5.1AI score0.00305EPSS

CVE•added 2024/03/18 6:15 p.m.•74 views

CVE-2024-26064

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01905EPSS

CVE•added 2024/06/13 8:16 a.m.•74 views

CVE-2024-36217

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.01072EPSS

CVE•added 2024/03/18 6:15 p.m.•73 views

CVE-2024-26052

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•73 views

CVE-2024-26069

5.4CVSS5AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•72 views

CVE-2024-26065

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2019/10/25 4:15 p.m.•71 views

CVE-2019-8085

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.4AI score0.01639EPSS

CVE•added 2024/03/18 6:15 p.m.•71 views

CVE-2024-26043

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•70 views

CVE-2024-26040

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•70 views

CVE-2024-26103

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.6AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•69 views

CVE-2024-26056

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/06/13 8:16 a.m.•69 views

CVE-2024-26127

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect the integrity of the page. Exploitation ...

3.5CVSS5.2AI score0.00088EPSS

CVE•added 2023/06/15 7:15 p.m.•68 views

CVE-2023-29322

5.4CVSS5AI score0.03814EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26031

5.4CVSS5.3AI score0.00591EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26044

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01681EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26059

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26062

5.4CVSS5AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26063

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exp...

5.3CVSS6.7AI score0.00105EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26080

5.4CVSS5.1AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26101

5.4CVSS5.6AI score0.0044EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26107

5.4CVSS5.6AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26119

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does no...

5.3CVSS5.6AI score0.00258EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26125

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/04/02 8:15 a.m.•67 views

CVE-2024-20799

5.4CVSS5.3AI score0.00888EPSS

CVE•added 2024/03/18 6:15 p.m.•67 views

CVE-2024-26124

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•66 views

CVE-2024-26038

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•66 views

CVE-2024-26051

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•66 views

CVE-2024-26105

5.4CVSS5.1AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•65 views

CVE-2024-26050

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to th...

4.8CVSS4.7AI score0.00311EPSS

CVE•added 2024/03/18 6:15 p.m.•65 views

CVE-2024-26118

5.4CVSS5.1AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•64 views

CVE-2024-20760

5.4CVSS5.3AI score0.00616EPSS

CVE•added 2024/03/18 6:15 p.m.•64 views

CVE-2024-26035

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•64 views

CVE-2024-26041