Lucene search
K
AdobeExperience Manager Cloud Service

183 matches found

CVE
CVE
added 2022/12/21 1:21 a.m.101 views

CVE-2022-44474

CVE-2022-44474 is an Adobe Experience Manager (AEM) reflected XSS affecting version 6.5.14 and earlier. The vulnerability allows a low-privileged attacker to entice a user to visit a crafted URL, causing malicious JavaScript to run in the victim’s browser. The primary exploitation detail is a ref...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/09/13 1:1 p.m.101 views

CVE-2023-38215

CVE-2023-38215 affects Adobe Experience Manager (AEM) versions 6.5.17 and earlier. It is a reflected XSS vulnerability: a low-privilege attacker lures a victim to a crafted URL, causing malicious JavaScript to execute in the user’s browser. CVSS v3.1 base score 5.4 (Medium): AV:N/AC:L/PR:L/UI:R/S...

5.4CVSS5.1AI score0.00363EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.100 views

CVE-2023-21615

Summary of CVE-2023-21615 : Adobe Experience Manager (AEM) 6.5.x up to 6.5.15.0 is affected by a reflected XSS vulnerability. An attacker with low privileges can lure a user to a crafted URL referencing a vulnerable page, causing JavaScript execution in the victim’s browser. The CVSS 3.1 score is...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/06/15 12:0 a.m.100 views

CVE-2023-29304

Summary: CVE-2023-29304 affects Adobe Experience Manager (AEM) 6.5.16.0 and earlier and is a reflected Cross-Site Scripting (XSS) vulnerability. The attack requires a low-privileged user to lure a victim to a crafted URL referencing a vulnerable page, enabling execution of malicious JavaScript in...

5.4CVSS5AI score0.0046EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.93 views

CVE-2023-22254

CVE-2023-22254 affects Adobe Experience Manager (AEM) Experience Manager 6.5.15.0 and earlier with a reflected XSS in which a low-privileged attacker entices a victim to visit a crafted URL referencing a vulnerable page, causing malicious JavaScript to run in the victim’s browser. The vulnerabili...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.91 views

CVE-2023-22260

CVE-2023-22260 affects Adobe Experience Manager 6.5.15.0 and earlier. It is a URL Redirection to Untrusted Site (Open Redirect) vulnerability that could be exploited by a low-privilege authenticated user to redirect victims to malicious sites, requiring user interaction. Remediation references up...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2020/12/10 5:32 a.m.90 views

CVE-2020-24445

CVE-2020-24445 affects Adobe Experience Manager (AEM) Cloud Service and on-prem versions up to 6.5.6.0, with a stored XSS in vulnerable form fields. Root cause: insufficient input handling that allows arbitrary JavaScript execution in the victim’s browser. Impact per sources: high confidentiality...

9CVSS8AI score0.02535EPSS
CVE
CVE
added 2022/09/23 6:15 p.m.89 views

CVE-2022-38439

Adobe Experience Manager (AEM) versions 6.5.13.0 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. Exploitation requires low-privilege access and user interaction (victim must visit a crafted URL), potentially allowing execution of malicious JavaScript in the victi...

5.4CVSS5.3AI score0.00515EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.89 views

CVE-2022-44463

CVE-2022-44463 affects Adobe Experience Manager (AEM) 6.5.14 and earlier. A reflected Cross-Site Scripting (XSS) vulnerability can execute malicious JavaScript in the victim’s browser if a user is lured to a vulnerable page URL. The CVE description specifies low-privileged, network-access conditi...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.88 views

CVE-2022-35696

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue arises from inadequate protection of the web page structure, enabling a remote attacker to lure a victim to a crafted URL and cause JavaScript to run in the user’s brow...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.88 views

CVE-2023-22271

Adobe Experience Manager (AEM) 6.5.x

5.3CVSS5.4AI score0.00818EPSS
CVE
CVE
added 2022/01/13 8:27 p.m.86 views

CVE-2021-40722

Adobe Experience Manager (AEM) – CVE-2021-40722 affects AEM Forms Cloud Service and on-prem 6.5.10.0 and earlier via an XML External Entity (XXE) injection that can lead to RCE. The connected advisories list this CVE as part of APSB21-103 and note remediation by upgrading to 6.5.11.0 or applying ...

9.8CVSS9.5AI score0.03273EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.86 views

CVE-2023-22252

CVE-2023-22252 affects Adobe Experience Manager (AEM) Experience Manager 6.5.15.0 and earlier, with a reflected XSS flaw that can execute malicious JavaScript in a victim’s browser when a user is lured to a vulnerable URL. CVSS‑3.1 base score 5.4 (MEDIUM): confidentiality and integrity impact LOW...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.86 views

CVE-2023-22264

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirection to untrusted site vulnerability (CVE-2023-22264). The issue allows a low‑privilege authenticated attacker to induce redirection to a malicious site, requiring user interaction. Mitigation in the public advisory A...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.85 views

CVE-2022-42362

CVE-2022-42362 concerns Adobe Experience Manager (AEM) 6.5.14 and earlier, with a reflected Cross-Site Scripting (XSS) vulnerability. An attacker who lure a user to a crafted URL can cause malicious JavaScript to run in the victim’s browser context. The available connected documents confirm the a...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.84 views

CVE-2022-42366

Adobe Experience Manager (AEM)

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.84 views

CVE-2022-44467

Adobe Experience Manager 6.5.14 and earlier are affected by a reflected XSS vulnerability (CVE-2022-44467). The issue allows a low-privilege attacker to entice a user to visit a crafted URL, causing arbitrary JavaScript execution in the user’s browser. Affected component: AEM web UI/pages referen...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.83 views

CVE-2022-42357

Adobe Experience Manager (AEM) versions 6.5.14 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability triggered when a victim is enticed to visit a crafted URL, allowing malicious JavaScript to run in the victim’s browser. The vulnerability is described across multiple s...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.83 views

CVE-2022-44462

CVE-2022-44462 affects Adobe Experience Manager (AEM) 6.5.14 and earlier, with a reflected XSS vulnerability that a low-privileged attacker can trigger by convincing a victim to visit a crafted URL, enabling execution of malicious JavaScript in the victim’s browser. The issue is documented across...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.83 views

CVE-2022-44473

CVE-2022-44473 affects Adobe Experience Manager (AEM) versions 6.5.14 and earlier. A reflected XSS vulnerability allows a low-privileged attacker to lure a victim to a crafted URL, causing arbitrary JavaScript to execute in the victim’s browser. Root cause is described as insufficient protection ...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.83 views

CVE-2023-22257

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirect to an untrusted site (Open Redirect). The issue enables a low-privilege authenticated attacker to redirect users to a malicious site and requires user interaction. Remediation per APSB23-18 is to apply the security ...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2022/09/23 6:15 p.m.82 views

CVE-2022-38438

CVE-2022-38438 affects Adobe Experience Manager versions 6.5.13.0 and earlier with a reflected Cross-Site Scripting (XSS) vulnerability. The issue can be triggered when a victim is convinced to visit a vulnerable URL, allowing malicious JavaScript to execute in the browser context. Exploitation r...

5.4CVSS5AI score0.00719EPSS
CVE
CVE
added 2023/06/15 12:0 a.m.82 views

CVE-2023-29322

Adobe Experience Manager versions 6.5.16.0 and earlier are affected by a reflected XSS vulnerability (CVE-2023-29322). A low-privileged attacker can lure a victim to a crafted URL that executes malicious JavaScript in the victim’s browser. Remediation: update to AEM 6.5.17.0 or apply vendor-suppl...

5.4CVSS5AI score0.00489EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.81 views

CVE-2022-30679

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected Cross-Site Scripting (XSS) vulnerability (CVE-2022-30679). A low-privileged attacker can entice a victim to visit a crafted URL, enabling malicious JavaScript to run in the victim’s browser. CVSS metrics indicate Network...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.81 views

CVE-2022-35693

CVE-2022-35693 concerns Adobe Experience Manager (AEM) up to version 6.5.14 and earlier, with a reflected XSS vulnerability. The issue arises from how vulnerable pages reference user-controlled data, allowing a low-privileged attacker to lure a victim to a crafted URL and cause arbitrary JavaScri...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.81 views

CVE-2022-44468

Affected software: Adobe Experience Manager (AEM) 6.5.14 and earlier. Vulnerability: Reflected Cross-Site Scripting (XSS) that can execute malicious JavaScript in the victim’s browser when a user visits a crafted URL referencing a vulnerable page. Root cause/impact: XSS in AEM pages; enables scri...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.80 views

CVE-2022-42345

Adobe Experience Manager (AEM) 6.5.14 and earlier are affected by a reflected XSS vulnerability (CVE-2022-42345) where a low-privilege attacker must induce a victim to visit a vulnerable URL; malicious JavaScript can execute in the victim’s browser. Impact aligns with MEDIUM severity (CVSS 3.1: A...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.80 views

CVE-2022-44469

CVE-2022-44469 affects Adobe Experience Manager 6.5.14 and earlier. A reflected XSS flaw could allow a low-privileged attacker to lure a user to a crafted URL, causing malicious JavaScript to run in the victim’s browser. Impact: potential script execution within the user context; exploitation req...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.80 views

CVE-2023-22261

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirection to an untrusted site vulnerability (Open Redirect). A low-privilege authenticated user can trigger redirects to malicious sites, with exploitation requiring user interaction. Remediation: update to 6.5.16.0 or la...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.79 views

CVE-2022-42367

Adobe Experience Manager (AEM) versions 6.5.14 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability (CVE-2022-42367). The issue can be exploited when a low-privilege attacker entices a victim to visit a crafted URL referencing a vulnerable page, potentially executing m...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.79 views

CVE-2022-44465

Adobe Experience Manager (AEM) up to v6.5.14 and earlier is affected by a reflected XSS vulnerability. A low-privileged attacker can entice a victim to visit a crafted URL referencing a vulnerable page, allowing malicious JavaScript to run in the victim’s browser. The issue stems from insufficien...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/06/15 12:0 a.m.79 views

CVE-2023-29307

Adobe Experience Manager (AEM) 6.5.16.0 and earlier is affected by a URL Redirection to Untrusted Site vulnerability. An authenticated, low-privilege user could trigger a redirect to a malicious site, with exploitation requiring user interaction. The issue is documented under CVE-2023-29307 and i...

5.4CVSS5.1AI score0.00458EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.78 views

CVE-2022-35694

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected XSS that allows an attacker with low privileges, by enticing a victim to visit a crafted URL, to execute malicious JavaScript in the victim’s browser. The issue is described across multiple sources as a reflected Cross‑S...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.78 views

CVE-2022-42346

CVE-2022-42346 affects Adobe Experience Manager 6.5.14 and earlier with a reflected XSS vulnerability. A low-privileged attacker can lure a victim to a crafted URL, causing malicious JavaScript to run in the browser. Root cause: insufficient input handling leading to reflected XSS. Impact: browse...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.78 views

CVE-2022-42350

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected Cross-Site Scripting (XSS) vulnerability. A low-privileged attacker can lure a victim to a crafted URL referencing a vulnerable page, causing malicious JavaScript to run in the victim’s browser. Affected component: AEM w...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.77 views

CVE-2022-42348

CVE-2022-42348 affects Adobe Experience Manager (AEM) 6.5.14 and earlier, through a reflected Cross-Site Scripting (XSS) flaw that can execute malicious JavaScript in a victim’s browser when a crafted URL is visited. The issue is demonstrated in AEM’s handling of vulnerable pages, with exploitati...

5.4CVSS5AI score0.0051EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.77 views

CVE-2023-22269

CVE-2023-22269 affects Adobe Experience Manager (AEM) 6.5.x, specifically 6.5.15.0 and earlier. The vulnerability is a reflected XSS in which an attacker lures a victim to a crafted URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s browser. Exploitation is...

5.4CVSS5.3AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.76 views

CVE-2022-42352

CVE-2022-42352 — Adobe Experience Manager (AEM) : The issue is a reflected Cross-Site Scripting (XSS) vulnerability in AEM versions 6.5.14 and earlier. A low-privileged attacker can lure a victim to a URL referencing a vulnerable page, causing malicious JavaScript to execute in the victim’s brows...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.76 views

CVE-2022-42360

Adobe Experience Manager 6.5.14 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can lure a victim to a URL referencing a vulnerable page, allowing malicious JavaScript to run in the victim’s browser. The issue is documented in CVE-...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.76 views

CVE-2022-42364

CVE-2022-42364 (Adobe Experience Manager) is a reflected Cross-Site Scripting vulnerability affecting AEM 6.5.14 and earlier. The issue arises in how vulnerable pages process input, allowing a low-privilege attacker to lure a user to a crafted URL and execute malicious JavaScript in the victim’s ...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.76 views

CVE-2023-22263

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirection to an untrusted site (Open Redirect). The vulnerability enables a low-privilege authenticated attacker to induce users to be redirected to malicious websites, with exploitation requiring user interaction. AEM ver...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.75 views

CVE-2022-42351

Adobe Experience Manager (AEM) versions 6.5.14 and earlier are affected by CVE-2022-42351, an Incorrect Authorization vulnerability that allows a low-privileged attacker to disclose low-level confidential information and bypass certain security features without user interaction. Affected componen...

4.3CVSS4.4AI score0.00922EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.75 views

CVE-2022-44488

Adobe Experience Manager (AEM) versions 6.5.14 and earlier are affected by CVE-2022-44488, an Open Redirect vulnerability where a low-privilege authenticated attacker can cause users to be redirected to a malicious site. Exploitation requires user interaction. Mitigation: upgrade to a fixed versi...

5.4CVSS4.2AI score0.00469EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.74 views

CVE-2022-35695

CVE-2022-35695 affects Adobe Experience Manager (AEM) versions 6.5.14 and earlier, with a reflected XSS vulnerability that can cause malicious JavaScript to execute in a victim’s browser when a user is lured to a crafted URL. Exploitation requires user interaction and low privileges. Affected com...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.74 views

CVE-2022-42349

Summary: CVE-2022-42349 affects Adobe Experience Manager (AEM) 6.5.14 and earlier. The issue is a reflected Cross‑Site Scripting (XSS) vulnerability that can execute malicious JavaScript in a victim’s browser if the user visits a crafted URL referencing a vulnerable page. Impact details : attacke...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.74 views

CVE-2022-44470

CVE-2022-44470 affects Adobe Experience Manager (AEM) 6.5.14 and earlier. It is a reflected Cross-Site Scripting (XSS) vulnerability: if a low-privileged user is induced to visit a URL referencing a vulnerable page, a victim’s browser may execute malicious JavaScript. The issue is explicitly desc...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.74 views

CVE-2022-44471

Adobe Experience Manager 6.5.14 and earlier are affected by CVE-2022-44471: a reflected XSS that allows a low-privileged attacker to lure a victim to a vulnerable URL and have malicious JavaScript run in the victim’s browser. The records note available security updates for AEM (APSB22-59) to addr...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.72 views

CVE-2022-42356

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected cross-site scripting (XSS) vulnerability. A low-privilege attacker can lure a victim to a vulnerable URL, causing malicious JavaScript to execute in the victim’s browser. The CVSS v3.1 base score is 5.4 (Medium). Remedia...

5.4CVSS5.3AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.71 views

CVE-2022-42354

CVE-2022-42354 describes a reflected XSS in Adobe Experience Manager (AEM) 6.5.14 and earlier: a low-privileged attacker can convince a victim to visit a crafted URL, causing arbitrary JavaScript to run in the victim’s browser. Connected sources confirm this is an AEM page-context XSS vulnerabili...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.71 views

CVE-2022-42365

CVE-2022-42365 – AEM reflected XSS : Adobe Experience Manager 6.5.14 and earlier is vulnerable to a reflected Cross-Site Scripting attack. A low-privilege attacker can trick a user into visiting a URL referencing a vulnerable page, causing malicious JavaScript to execute in the user’s browser con...

5.4CVSS5AI score0.0048EPSS
Total number of security vulnerabilities183