Experience Manager Security Vulnerabilities and Issues — Page 3 of Experience Manager CVE List

Lucene search

AdobeExperience Manager

915 matches found

CVE•added 2024/03/18 6:15 p.m.•62 views

CVE-2024-26104

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.1AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•62 views

CVE-2024-26120

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/06/13 8:16 a.m.•62 views

CVE-2024-36230

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...

5.4CVSS5.6AI score0.03796EPSS

CVE•added 2024/12/10 10:15 p.m.•62 views

CVE-2024-52864

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.5AI score0.00038EPSS

CVE•added 2022/09/16 6:15 p.m.•61 views

CVE-2022-30682

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's bro...

5.4CVSS5AI score0.02306EPSS

CVE•added 2022/09/16 6:15 p.m.•61 views

CVE-2022-30686

5.4CVSS5AI score0.02306EPSS

CVE•added 2022/09/16 6:15 p.m.•61 views

CVE-2022-34218

5.4CVSS5AI score0.02306EPSS

CVE•added 2022/12/21 1:21 a.m.•61 views

CVE-2022-42346

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/19 10:0 a.m.•61 views

CVE-2022-44462

5.4CVSS5AI score0.01957EPSS

CVE•added 2022/12/21 1:21 a.m.•61 views

CVE-2022-44470

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/21 1:21 a.m.•61 views

CVE-2022-44488

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user intera...

5.4CVSS4.2AI score0.00375EPSS

CVE•added 2024/03/18 6:15 p.m.•61 views

CVE-2024-26030

5.4CVSS5.3AI score0.00591EPSS

CVE•added 2024/06/13 8:15 a.m.•61 views

CVE-2024-26126

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect the integrity of the page. Exploitation ...

3.5CVSS4.2AI score0.00066EPSS

CVE•added 2025/03/19 5:15 p.m.•61 views

CVE-2024-53967

Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, a low privileged a...

5.4CVSS5.2AI score0.0022EPSS

CVE•added 2021/08/24 6:15 p.m.•60 views

CVE-2021-28628

Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser ...

6.3CVSS6AI score0.01187EPSS

CVE•added 2024/03/18 6:15 p.m.•60 views

CVE-2024-26073

5.4CVSS5AI score0.00464EPSS

CVE•added 2024/04/10 9:15 a.m.•60 views

CVE-2024-26079

5.4CVSS5.3AI score0.00583EPSS

CVE•added 2024/04/10 9:15 a.m.•60 views

CVE-2024-26087

5.4CVSS5.3AI score0.00583EPSS

CVE•added 2024/03/18 6:15 p.m.•60 views

CVE-2024-26106

5.4CVSS5.6AI score0.00464EPSS

CVE•added 2024/04/10 9:15 a.m.•60 views

CVE-2024-26122

5.4CVSS5.3AI score0.00583EPSS

CVE•added 2024/12/10 10:15 p.m.•60 views

CVE-2024-52991

5.4CVSS5.5AI score0.00038EPSS

CVE•added 2019/10/25 4:15 p.m.•59 views

CVE-2019-8088

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8CVSS9.7AI score0.12685EPSS

CVE•added 2022/09/16 6:15 p.m.•59 views

CVE-2022-30680

5.4CVSS5AI score0.01711EPSS

CVE•added 2022/12/21 1:21 a.m.•59 views

CVE-2022-42354

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/21 1:21 a.m.•59 views

CVE-2022-44471

5.4CVSS5AI score0.02063EPSS

CVE•added 2024/03/18 6:15 p.m.•59 views

CVE-2024-26045

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/06/13 8:15 a.m.•59 views

CVE-2024-26058

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user...

5.4CVSS5.5AI score0.00762EPSS

CVE•added 2019/10/25 4:15 p.m.•58 views

CVE-2019-8234

Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.5CVSS5.9AI score0.0141EPSS

CVE•added 2021/08/24 6:15 p.m.•58 views

CVE-2021-28627

Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Server-side Request Forgery. An authenticated attacker could leverage this vulnerability to contact systems blocked by the dispatcher. Exploitation of this issue does not require user interacti...

8.8CVSS6.8AI score0.00427EPSS

CVE•added 2021/09/27 4:15 p.m.•58 views

CVE-2021-40711

Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a stored XSS vulnerability when creating Content Fragments. An authenticated attacker can send a malformed POST request to achieve arbitrary code execution. Malicious JavaScript may be executed in a victim’s browser when they bro...

5.4CVSS5.5AI score0.02148EPSS

CVE•added 2022/12/21 1:21 a.m.•58 views

CVE-2022-42345

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/21 1:21 a.m.•58 views

CVE-2022-42350

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/19 10:0 a.m.•58 views

CVE-2022-42360

5.4CVSS5AI score0.01957EPSS

CVE•added 2022/12/21 1:21 a.m.•58 views

CVE-2022-42365

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/23 11:3 p.m.•58 views

CVE-2022-44510

5.4CVSS5AI score0.02039EPSS

CVE•added 2023/03/22 5:15 p.m.•58 views

CVE-2023-22256

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.4AI score0.00333EPSS

CVE•added 2024/06/13 8:15 a.m.•58 views

CVE-2024-26037

5.4CVSS5.5AI score0.00493EPSS

CVE•added 2025/03/19 5:15 p.m.•58 views

CVE-2024-53969

5.4CVSS5.2AI score0.0022EPSS

CVE•added 2020/02/13 4:15 p.m.•57 views

CVE-2020-3741

Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Successful exploitation could lead to denial-of-service.

7.5CVSS7.3AI score0.02184EPSS

CVE•added 2022/12/21 1:21 a.m.•57 views

CVE-2022-35695

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/21 1:21 a.m.•57 views

CVE-2022-42348

5.4CVSS5AI score0.00594EPSS

CVE•added 2023/03/22 5:15 p.m.•57 views

CVE-2023-22261

5.4CVSS5.1AI score0.00333EPSS

CVE•added 2024/03/18 6:15 p.m.•57 views

CVE-2024-20768

5.4CVSS5.3AI score0.00616EPSS

CVE•added 2024/04/10 9:15 a.m.•57 views

CVE-2024-20778

5.4CVSS5.3AI score0.00583EPSS

CVE•added 2024/06/13 8:15 a.m.•57 views

CVE-2024-26039

5.4CVSS5.5AI score0.00493EPSS

CVE•added 2024/04/10 9:15 a.m.•57 views

CVE-2024-26046

5.4CVSS5.3AI score0.00583EPSS

CVE•added 2024/06/13 8:16 a.m.•57 views

CVE-2024-36227

5.4CVSS5.5AI score0.0145EPSS

CVE•added 2025/03/19 5:15 p.m.•57 views

CVE-2024-53970

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5AI score0.00053EPSS

CVE•added 2022/09/16 6:15 p.m.•56 views

CVE-2022-30678

5.4CVSS5AI score0.01711EPSS

CVE•added 2022/09/16 6:15 p.m.•56 views

CVE-2022-30685

5.4CVSS5AI score0.02306EPSS

Total number of security vulnerabilities915