Experience Manager Cloud Service Security Vulnerabilities and Issues — Page 2 of Experience Manager Cloud Service CVE List

Lucene search

AdobeExperience Manager Cloud Service

186 matches found

CVE•added 2022/12/21 1:21 a.m.•56 views

CVE-2022-42364

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/01/13 9:15 p.m.•55 views

CVE-2021-43762

AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a dispatcher bypass vulnerability that could be abused to evade security controls. Sensitive areas of the web application may be exposed through exploitation of the vulnerability.

6.5CVSS6.7AI score0.00617EPSS

CVE•added 2022/12/21 1:21 a.m.•55 views

CVE-2022-42356

5.4CVSS5.3AI score0.02063EPSS

CVE•added 2022/12/21 1:21 a.m.•54 views

CVE-2022-44466

5.4CVSS5AI score0.02063EPSS

CVE•added 2021/06/28 2:15 p.m.•53 views

CVE-2021-21083

AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by an Improper Access Control vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service in the context of the ...

7.5CVSS7.4AI score0.00546EPSS

CVE•added 2022/01/13 9:15 p.m.•52 views

CVE-2021-43761

AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

8CVSS5.6AI score0.03253EPSS

CVE•added 2023/03/22 5:15 p.m.•52 views

CVE-2023-22262

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.1AI score0.00333EPSS

CVE•added 2024/06/13 8:16 a.m.•52 views

CVE-2024-34120

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00816EPSS

CVE•added 2023/03/22 5:15 p.m.•51 views

CVE-2023-21616

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5.3AI score0.0145EPSS

CVE•added 2023/06/15 7:15 p.m.•50 views

CVE-2023-29302

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of th...

5.4CVSS5AI score0.03112EPSS

CVE•added 2023/03/22 5:15 p.m.•49 views

CVE-2023-22258

5.4CVSS5.5AI score0.00352EPSS

CVE•added 2023/03/22 5:15 p.m.•49 views

CVE-2023-22266

5.4CVSS5.5AI score0.00333EPSS

CVE•added 2023/03/22 5:15 p.m.•48 views

CVE-2023-22265

5.4CVSS5.1AI score0.00333EPSS

CVE•added 2024/06/13 8:16 a.m.•48 views

CVE-2024-36238

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...

5.4CVSS5.5AI score0.01072EPSS

CVE•added 2022/01/13 9:15 p.m.•47 views

CVE-2021-44176

AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they b...

8.1CVSS5.9AI score0.05654EPSS

CVE•added 2022/01/13 9:15 p.m.•47 views

CVE-2021-44178

AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a reflected Cross-Site Scripting (XSS) vulnerability via the itemResourceType parameter. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may b...

6.1CVSS5.6AI score0.02816EPSS

CVE•added 2023/03/22 5:15 p.m.•47 views

CVE-2023-22253

5.4CVSS5AI score0.00978EPSS

CVE•added 2022/01/13 9:15 p.m.•46 views

CVE-2021-43765

8.1CVSS5.9AI score0.07001EPSS

CVE•added 2022/01/13 9:15 p.m.•45 views

CVE-2021-43764

8CVSS5.6AI score0.03253EPSS

CVE•added 2022/01/13 9:15 p.m.•45 views

CVE-2021-44177

8.1CVSS5.9AI score0.05654EPSS

CVE•added 2023/03/22 5:15 p.m.•45 views

CVE-2023-22259

5.4CVSS5.1AI score0.00352EPSS

CVE•added 2024/06/13 8:15 a.m.•45 views

CVE-2024-26082

5.4CVSS5.3AI score0.00739EPSS

CVE•added 2023/12/15 11:15 a.m.•40 views

CVE-2023-48444

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5AI score0.0018EPSS

CVE•added 2023/12/15 11:15 a.m.•40 views

CVE-2023-48474

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.2AI score0.00201EPSS

CVE•added 2023/12/15 11:15 a.m.•40 views

CVE-2023-48547

5.4CVSS5.3AI score0.0028EPSS

CVE•added 2021/06/28 2:15 p.m.•37 views

CVE-2021-21084

7.3CVSS5.9AI score0.02255EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48448

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00343EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48497

5.4CVSS5.1AI score0.0018EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48519

5.4CVSS5.1AI score0.0018EPSS

CVE•added 2023/12/15 11:15 a.m.•36 views

CVE-2023-48493

5.4CVSS5.6AI score0.0018EPSS

CVE•added 2023/12/15 11:15 a.m.•35 views

CVE-2023-48445