Lucene search

K

875 matches found

CVE
CVE
added 2020/01/15 5:15 p.m.155 views

CVE-2019-16469

Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.2AI score0.73573EPSS
CVE
CVE
added 2019/07/18 10:15 p.m.104 views

CVE-2019-7955

Adobe Experience Manager version 6.4 and ealier have a Reflected Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

6.1CVSS5.8AI score0.00934EPSS
CVE
CVE
added 2022/09/30 5:15 p.m.97 views

CVE-2022-28851

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's bro...

5.4CVSS5AI score0.12442EPSS
CVE
CVE
added 2024/06/13 8:16 a.m.93 views

CVE-2024-36236

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user...

5.4CVSS5.5AI score0.00375EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.89 views

CVE-2024-26042

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS5.6AI score0.01681EPSS
CVE
CVE
added 2019/07/18 10:15 p.m.88 views

CVE-2019-7954

Adobe Experience Manager version 6.4 and ealier have a Stored Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

6.1CVSS5.8AI score0.01182EPSS
CVE
CVE
added 2023/09/13 2:15 p.m.87 views

CVE-2023-38215

Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00305EPSS
CVE
CVE
added 2023/06/15 7:15 p.m.85 views

CVE-2023-29304

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of th...

5.4CVSS5AI score0.03112EPSS
CVE
CVE
added 2019/07/18 10:15 p.m.82 views

CVE-2019-7953

Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

6.5CVSS6.2AI score0.01117EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.82 views

CVE-2022-44474

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.82 views

CVE-2024-26032

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS6.2AI score0.01325EPSS
CVE
CVE
added 2024/04/04 9:15 a.m.80 views

CVE-2024-20800

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they bro...

5.4CVSS6.2AI score0.02342EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.80 views

CVE-2024-26028

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00591EPSS
CVE
CVE
added 2021/02/02 11:15 p.m.79 views

CVE-2021-21043

ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content...

6.1CVSS5.9AI score0.00985EPSS
CVE
CVE
added 2020/12/10 6:15 a.m.77 views

CVE-2020-24445

AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they b...

9CVSS8AI score0.01091EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.77 views

CVE-2023-21615

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5AI score0.00927EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.77 views

CVE-2024-26034

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00527EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.75 views

CVE-2022-38439

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's bro...

5.4CVSS5.3AI score0.02457EPSS
CVE
CVE
added 2023/09/13 2:15 p.m.75 views

CVE-2023-38214

Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00305EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.74 views

CVE-2023-22260

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.1AI score0.00333EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.74 views

CVE-2024-26064

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01905EPSS
CVE
CVE
added 2024/06/13 8:16 a.m.74 views

CVE-2024-36217

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00762EPSS
CVE
CVE
added 2022/08/10 8:15 p.m.73 views

CVE-2022-35697

Adobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5AI score0.00262EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.73 views

CVE-2023-22271

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful exploitat...

5.3CVSS5.4AI score0.00057EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.73 views

CVE-2024-26052

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.73 views

CVE-2024-26069

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5AI score0.00464EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.72 views

CVE-2023-22254

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5AI score0.00927EPSS
CVE
CVE
added 2023/03/22 5:15 p.m.72 views

CVE-2023-22264

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.1AI score0.00333EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.72 views

CVE-2024-26065

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.71 views

CVE-2022-35696

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.00633EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.71 views

CVE-2024-26043

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.70 views

CVE-2022-30683

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to decrypt secrets, however, this i...

5.3CVSS5.1AI score0.00208EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.70 views

CVE-2024-26040

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.70 views

CVE-2024-26103

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.6AI score0.00464EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.69 views

CVE-2022-42362

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.69 views

CVE-2022-44473

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.01957EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.69 views

CVE-2024-26056

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/06/13 8:16 a.m.69 views

CVE-2024-26127

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect the integrity of the page. Exploitation ...

3.5CVSS5.2AI score0.00099EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.68 views

CVE-2022-44465

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.68 views

CVE-2022-44467

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.68 views

CVE-2022-44468

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.01957EPSS
CVE
CVE
added 2023/06/15 7:15 p.m.68 views

CVE-2023-29322

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of th...

5.4CVSS5AI score0.03814EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26031

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00591EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26044

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01681EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26059

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26062

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26063

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exp...

5.3CVSS6.7AI score0.00105EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26080

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS5.1AI score0.00464EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26101

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.6AI score0.0044EPSS
CVE
CVE
added 2024/03/18 6:15 p.m.68 views

CVE-2024-26107

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.6AI score0.00464EPSS
Total number of security vulnerabilities875