Lucene search

K
AdobeExperience Manager

913 matches found

CVE
CVE
added 2019/08/16 5:15 p.m.268 views

CVE-2019-7964

Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.

10CVSS9.7AI score0.44281EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.155 views

CVE-2019-16469

Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.2AI score0.73573EPSS
CVE
CVE
added 2016/02/10 8:59 p.m.109 views

CVE-2016-0956

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.

7.8CVSS7AI score0.13277EPSS
CVE
CVE
added 2019/07/18 10:15 p.m.104 views

CVE-2019-7955

Adobe Experience Manager version 6.4 and ealier have a Reflected Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

6.1CVSS5.8AI score0.00934EPSS
CVE
CVE
added 2016/12/15 6:59 a.m.97 views

CVE-2016-6933

Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.

6.1CVSS5.9AI score0.01191EPSS
CVE
CVE
added 2022/09/30 5:15 p.m.97 views

CVE-2022-28851

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's bro...

5.4CVSS5AI score0.12442EPSS
CVE
CVE
added 2019/10/24 6:15 p.m.95 views

CVE-2019-8080

Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site scripting vulnerability. Successful exploitation could lead to privilege escalation.

6.1CVSS5.8AI score0.01012EPSS
CVE
CVE
added 2019/10/24 6:15 p.m.94 views

CVE-2019-8078

Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.4AI score0.0126EPSS
CVE
CVE
added 2019/10/24 6:15 p.m.93 views

CVE-2019-8079

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.4AI score0.01639EPSS
CVE
CVE
added 2024/06/13 8:16 a.m.93 views

CVE-2024-36236

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user...

5.4CVSS5.5AI score0.00375EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.89 views

CVE-2024-26042

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS5.6AI score0.01681EPSS
CVE
CVE
added 2019/07/18 10:15 p.m.88 views

CVE-2019-7954

Adobe Experience Manager version 6.4 and ealier have a Stored Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

6.1CVSS5.8AI score0.01182EPSS
CVE
CVE
added 2023/09/13 2:15 p.m.87 views

CVE-2023-38215

Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00305EPSS
CVE
CVE
added 2023/06/15 7:15 p.m.85 views

CVE-2023-29304

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of th...

5.4CVSS5AI score0.03112EPSS
CVE
CVE
added 2019/10/25 4:15 p.m.83 views

CVE-2019-8086

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.1AI score0.54798EPSS
CVE
CVE
added 2019/07/18 10:15 p.m.82 views

CVE-2019-7953

Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

6.5CVSS6.2AI score0.01117EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.82 views

CVE-2022-44474

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.82 views

CVE-2024-26032

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS6.2AI score0.01325EPSS
CVE
CVE
added 2016/02/10 8:59 p.m.80 views

CVE-2016-0957

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.

7.8CVSS7.4AI score0.91105EPSS
CVE
CVE
added 2024/04/04 9:15 a.m.80 views

CVE-2024-20800

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they bro...

5.4CVSS6.2AI score0.02342EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.80 views

CVE-2024-26028

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00591EPSS
CVE
CVE
added 2021/02/02 11:15 p.m.79 views

CVE-2021-21043

ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content...

6.1CVSS5.9AI score0.00985EPSS
CVE
CVE
added 2020/12/10 6:15 a.m.77 views

CVE-2020-24445

AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they b...

9CVSS8AI score0.01091EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.77 views

CVE-2023-21615

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5AI score0.00927EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.77 views

CVE-2024-26034

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00527EPSS
CVE
CVE
added 2019/10/25 4:15 p.m.76 views

CVE-2019-8087

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.1AI score0.01035EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.75 views

CVE-2022-38439

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's bro...

5.4CVSS5.3AI score0.02457EPSS
CVE
CVE
added 2023/09/13 2:15 p.m.75 views

CVE-2023-38214

Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00305EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.74 views

CVE-2023-22260

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.1AI score0.00333EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.74 views

CVE-2024-26064

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01905EPSS
CVE
CVE
added 2024/06/13 8:16 a.m.74 views

CVE-2024-36217

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00762EPSS
CVE
CVE
added 2022/08/10 8:15 p.m.73 views

CVE-2022-35697

Adobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5AI score0.00262EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.73 views

CVE-2023-22271

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful exploitat...

5.3CVSS5.4AI score0.00057EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.73 views

CVE-2024-26052

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.73 views

CVE-2024-26069

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5AI score0.00464EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.72 views

CVE-2023-22254

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5AI score0.00927EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.72 views

CVE-2023-22264

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.1AI score0.00333EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.72 views

CVE-2024-26065

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2019/10/25 4:15 p.m.71 views

CVE-2019-8085

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.4AI score0.01639EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.71 views

CVE-2022-35696

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.00633EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.71 views

CVE-2024-26043

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.70 views

CVE-2022-30683

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to decrypt secrets, however, this i...

5.3CVSS5.1AI score0.00208EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.70 views

CVE-2024-26040

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.70 views

CVE-2024-26103

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.6AI score0.00464EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.69 views

CVE-2022-42362

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.69 views

CVE-2022-44473

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.01957EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.69 views

CVE-2024-26056

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/06/13 8:16 a.m.69 views

CVE-2024-26127

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect the integrity of the page. Exploitation ...

3.5CVSS5.2AI score0.00099EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.68 views

CVE-2022-44465

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.68 views

CVE-2022-44467

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
Total number of security vulnerabilities913