Experience Manager Forms Security Vulnerabilities and Issues — Experience Manager Forms CVE List

Lucene search

AdobeExperience Manager Forms

6 matches found

CVE•added 2016/12/15 6:59 a.m.•104 views

CVE-2016-6934

Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks.

6.1CVSS5.9AI score0.00902EPSS

CVE•added 2019/05/29 6:29 p.m.•94 views

CVE-2019-7129

Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01639EPSS

CVE•added 2019/10/22 9:15 p.m.•87 views

CVE-2019-8089

Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01639EPSS

CVE•added 2020/09/10 5:15 p.m.•55 views

CVE-2020-9733

An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.

7.5CVSS7.3AI score0.00487EPSS

CVE•added 2020/09/10 5:15 p.m.•45 views

CVE-2020-9732

The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they...

9CVSS8.3AI score0.00952EPSS

CVE•added 2017/05/09 4:29 p.m.•44 views

CVE-2017-3067

Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.

7.5CVSS7.2AI score0.04527EPSS