Lucene search
+L

831 matches found

CVE
CVE
added 2022/09/30 4:55 p.m.116 views

CVE-2022-28851

CVE-2022-28851 affects Adobe Experience Manager 6.5.13.0 and earlier with a reflected XSS vulnerability. Exploit requires low privileges and user interaction; malicious script runs in the victim’s browser via a crafted URL. Connected sources confirm related Adobe APSB updates for AEM (APSB22-59) ...

5.4CVSS5AI score0.36756EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.109 views

CVE-2024-26042

CVE-2024-26042 affects Adobe Experience Manager (AEM) versions

5.4CVSS5.6AI score0.0054EPSS
CVE
CVE
added 2024/06/13 7:53 a.m.109 views

CVE-2024-36236

CVE-2024-36236 affects Adobe Experience Manager 6.5.20 and earlier with a DOM-based XSS that can allow arbitrary JavaScript in a victim’s browser, typically requiring user interaction. Adobe has released updates (APSB24-28) to fix these issues; customers should upgrade to 6.5.21+ or apply the ava...

5.4CVSS5.5AI score0.00359EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.106 views

CVE-2024-26028

Adobe Experience Manager (AEM) versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-26028). The issue occurs in vulnerable form fields where malicious JavaScript can be stored and executed when a user visits the page containing the field. CVE det...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.101 views

CVE-2022-44474

CVE-2022-44474 is an Adobe Experience Manager (AEM) reflected XSS affecting version 6.5.14 and earlier. The vulnerability allows a low-privileged attacker to entice a user to visit a crafted URL, causing malicious JavaScript to run in the victim’s browser. The primary exploitation detail is a ref...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/09/13 1:1 p.m.101 views

CVE-2023-38215

CVE-2023-38215 affects Adobe Experience Manager (AEM) versions 6.5.17 and earlier. It is a reflected XSS vulnerability: a low-privilege attacker lures a victim to a crafted URL, causing malicious JavaScript to execute in the user’s browser. CVSS v3.1 base score 5.4 (Medium): AV:N/AC:L/PR:L/UI:R/S...

5.4CVSS5.1AI score0.00363EPSS
CVE
CVE
added 2024/04/04 8:59 a.m.101 views

CVE-2024-20800

CVE-2024-20800 affects Adobe Experience Manager versions 6.5.19 and earlier. The issue is a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable web pages, potentially leading to arbitrary code executio...

5.4CVSS6.2AI score0.00459EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.100 views

CVE-2023-21615

Summary of CVE-2023-21615 : Adobe Experience Manager (AEM) 6.5.x up to 6.5.15.0 is affected by a reflected XSS vulnerability. An attacker with low privileges can lure a user to a crafted URL referencing a vulnerable page, causing JavaScript execution in the victim’s browser. The CVSS 3.1 score is...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/06/15 12:0 a.m.100 views

CVE-2023-29304

Summary: CVE-2023-29304 affects Adobe Experience Manager (AEM) 6.5.16.0 and earlier and is a reflected Cross-Site Scripting (XSS) vulnerability. The attack requires a low-privileged user to lure a victim to a crafted URL referencing a vulnerable page, enabling execution of malicious JavaScript in...

5.4CVSS5AI score0.0046EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.99 views

CVE-2024-26032

Adobe Experience Manager (AEM)

5.4CVSS6.2AI score0.0054EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.93 views

CVE-2023-22254

CVE-2023-22254 affects Adobe Experience Manager (AEM) Experience Manager 6.5.15.0 and earlier with a reflected XSS in which a low-privileged attacker entices a victim to visit a crafted URL referencing a vulnerable page, causing malicious JavaScript to run in the victim’s browser. The vulnerabili...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.93 views

CVE-2023-22260

CVE-2023-22260 affects Adobe Experience Manager 6.5.15.0 and earlier. It is a URL Redirection to Untrusted Site (Open Redirect) vulnerability that could be exploited by a low-privilege authenticated user to redirect victims to malicious sites, requiring user interaction. Remediation references up...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.93 views

CVE-2024-26043

CVE-2024-26043 concerns a stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager (AEM) versions 6.5.19 and earlier. The issue allows an attacker to inject malicious scripts into vulnerable form fields, with JavaScript executed in a victim’s browser upon visiting the affected ...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.91 views

CVE-2024-26034

Affected product: Adobe Experience Manager (AEM) 6.5.19 and earlier. Vulnerability type: stored Cross-Site Scripting (XSS) in vulnerable form fields. Root cause/impact: malicious JavaScript could be injected and executed in a victim’s browser when viewing pages containing the vulnerable field. Ex...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2024/06/13 7:53 a.m.91 views

CVE-2024-36217

CVE-2024-36217 affects Adobe Experience Manager (AEM) 6.5.20 and earlier. The vulnerability is a stored XSS in vulnerable form fields, allowing malicious JavaScript to run in a victim’s browser when loading the page containing the field. The CVE entry notes a MEDIUM base score (CVSS 3.1: 5.4) wit...

5.4CVSS5.3AI score0.00313EPSS
CVE
CVE
added 2022/09/23 6:15 p.m.89 views

CVE-2022-38439

Adobe Experience Manager (AEM) versions 6.5.13.0 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. Exploitation requires low-privilege access and user interaction (victim must visit a crafted URL), potentially allowing execution of malicious JavaScript in the victi...

5.4CVSS5.3AI score0.00515EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.89 views

CVE-2022-44463

CVE-2022-44463 affects Adobe Experience Manager (AEM) 6.5.14 and earlier. A reflected Cross-Site Scripting (XSS) vulnerability can execute malicious JavaScript in the victim’s browser if a user is lured to a vulnerable page URL. The CVE description specifies low-privileged, network-access conditi...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.89 views

CVE-2023-22252

CVE-2023-22252 affects Adobe Experience Manager (AEM) Experience Manager 6.5.15.0 and earlier, with a reflected XSS flaw that can execute malicious JavaScript in a victim’s browser when a user is lured to a vulnerable URL. CVSS‑3.1 base score 5.4 (MEDIUM): confidentiality and integrity impact LOW...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.89 views

CVE-2023-22271

Adobe Experience Manager (AEM) 6.5.x

5.3CVSS5.4AI score0.00818EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.89 views

CVE-2024-26056

Adobe Experience Manager (AEM)

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.89 views

CVE-2024-26069

Adobe Experience Manager (AEM) versions 6.5.19 and earlier are affected by a stored XSS vulnerability in vulnerable form fields that can inject malicious JavaScript executed in a victim’s browser. Contributing details from connected sources confirm the issue is a stored XSS (CWE-79) and that expl...

5.4CVSS5AI score0.00427EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.88 views

CVE-2022-35696

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue arises from inadequate protection of the web page structure, enabling a remote attacker to lure a victim to a crafted URL and cause JavaScript to run in the user’s brow...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.88 views

CVE-2024-26044

CVE-2024-26044 affects Adobe Experience Manager (AEM) 6.5.19 and earlier with a DOM-based XSS vulnerability in the web page handling that could cause malicious JavaScript to execute in a victim’s browser, potentially enabling arbitrary code execution in the browser context. The issue is documente...

5.4CVSS6.2AI score0.0054EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.88 views

CVE-2024-26052

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. An attacker could inject malicious JavaScript that executes in a victim’s browser when loading the page containing the field. The CVE-2024-26052 entry ...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.87 views

CVE-2023-22264

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirection to untrusted site vulnerability (CVE-2023-22264). The issue allows a low‑privilege authenticated attacker to induce redirection to a malicious site, requiring user interaction. Mitigation in the public advisory A...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.87 views

CVE-2024-26062

Adobe Experience Manager (AEM) up to version 6.5.19 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing injected JavaScript to execute in a victim’s browser when visiting pages containing those fields. The root cause involves improper h...

5.4CVSS5AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.87 views

CVE-2024-26064

Adobe Experience Manager is affected in versions 6.5.19 and earlier by a DOM‑based XSS vulnerability (CVE-2024-26064). The issue allows an attacker to inject malicious scripts that execute in the victim’s browser when they visit a page containing the vulnerable script, potentially leading to arbi...

5.4CVSS6.2AI score0.0054EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.87 views

CVE-2024-26065

Adobe Experience Manager (AEM) 6.5.19 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, enabling injected JavaScript to run in a user’s browser when visiting the page with the field. Connected sources confirm the issue affects AEM versions up ...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.87 views

CVE-2024-26080

Adobe Experience Manager

5.4CVSS5.1AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.87 views

CVE-2024-26103

Adobe Experience Manager (AEM) 6.5.19 and earlier is affected by a reflected Cross‑Site Scripting (XSS) vulnerability (CVE-2024-26103) that can execute malicious JavaScript in a victim’s browser when a user visits a crafted URL referencing a vulnerable page. The CVSS 3.1 base score is 5.4 (Medium...

5.4CVSS5.6AI score0.00427EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.86 views

CVE-2022-42362

CVE-2022-42362 concerns Adobe Experience Manager (AEM) 6.5.14 and earlier, with a reflected Cross-Site Scripting (XSS) vulnerability. An attacker who lure a user to a crafted URL can cause malicious JavaScript to run in the victim’s browser context. The available connected documents confirm the a...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.86 views

CVE-2022-44467

Adobe Experience Manager 6.5.14 and earlier are affected by a reflected XSS vulnerability (CVE-2022-44467). The issue allows a low-privilege attacker to entice a user to visit a crafted URL, causing arbitrary JavaScript execution in the user’s browser. Affected component: AEM web UI/pages referen...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.85 views

CVE-2024-26125

CVE-2024-26125 affects Adobe Experience Manager 6.5.19 and earlier, describing a stored XSS in vulnerable form fields that could execute malicious JavaScript in a victim’s browser. Connected sources corroborate an XSS family (stored and DOM-based variants) with multiple CVEs referenced in APSB24-...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.84 views

CVE-2022-42366

Adobe Experience Manager (AEM)

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.84 views

CVE-2023-22257

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirect to an untrusted site (Open Redirect). The issue enables a low-privilege authenticated attacker to redirect users to a malicious site and requires user interaction. Remediation per APSB23-18 is to apply the security ...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.84 views

CVE-2024-26038

CVE-2024-26038 concerns Adobe Experience Manager (AEM) versions 6.5.19 and earlier. A stored Cross-Site Scripting (XSS) vulnerability exists in vulnerable form fields, allowing an attacker to inject and have malicious JavaScript executed in a victim’s browser when visiting a page containing the f...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.84 views

CVE-2024-26040

CVE-2024-26040 affects Adobe Experience Manager 6.5.19 and earlier with a stored XSS in vulnerable form fields. Exploitation requires user interaction; malicious JavaScript can run in the victim’s browser when loading a page containing the affected field. A related advisory (APSB24-05) and Nessus...

5.4CVSS5.3AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.84 views

CVE-2024-26119

CVE-2024-26119 affects Adobe Experience Manager 6.5.19 and earlier. The issue is an Information Exposure vulnerability that could enable a security feature bypass with low confidentiality impact. Exploitation does not require user interaction and can occur over the network (no vectors described b...

5.3CVSS5.6AI score0.00644EPSS
CVE
CVE
added 2024/06/13 7:52 a.m.84 views

CVE-2024-26127

CVE-2024-26127 affects Adobe Experience Manager (AEM) versions 6.5.20 and earlier. The issue is an Improper Input Validation that can lead to a security feature bypass, enabling a low-privileged attacker to affect page integrity. Exploitation requires user interaction, and the base CVSS v3.1 scor...

3.5CVSS5.2AI score0.00674EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.83 views

CVE-2022-42357

Adobe Experience Manager (AEM) versions 6.5.14 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability triggered when a victim is enticed to visit a crafted URL, allowing malicious JavaScript to run in the victim’s browser. The vulnerability is described across multiple s...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.83 views

CVE-2022-44462

CVE-2022-44462 affects Adobe Experience Manager (AEM) 6.5.14 and earlier, with a reflected XSS vulnerability that a low-privileged attacker can trigger by convincing a victim to visit a crafted URL, enabling execution of malicious JavaScript in the victim’s browser. The issue is documented across...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2022/12/19 10:0 a.m.83 views

CVE-2022-44473

CVE-2022-44473 affects Adobe Experience Manager (AEM) versions 6.5.14 and earlier. A reflected XSS vulnerability allows a low-privileged attacker to lure a victim to a crafted URL, causing arbitrary JavaScript to execute in the victim’s browser. Root cause is described as insufficient protection ...

5.4CVSS5AI score0.00708EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.83 views

CVE-2024-26063

CVE-2024-26063 affects Adobe Experience Manager up to 6.5.19 and earlier. It is an Information Exposure vulnerability leading to a security feature bypass, exploitable without user interaction. CVSS v3.1 base score 5.3 (Medium). Remediation per connected documents: apply the APSB24-05 update; upg...

5.3CVSS6.7AI score0.00603EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.83 views

CVE-2024-26101

Adobe Experience Manager (AEM) 6.5.19 and earlier is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Attack requires convincing a victim to visit a URL referencing a vulnerable page, allowing malicious JavaScript to execute in the victim’s browser. CVSSv3.1 base score 5.4 (MEDIU...

5.4CVSS5.6AI score0.00401EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.83 views

CVE-2024-26105

Adobe Experience Manager (AEM) versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability, enabling malicious JavaScript to run in a victim’s browser when a user visits a crafted URL. The issue is described with a CVSS v3.1 base score of 5.4 (Medium) with net...

5.4CVSS5.1AI score0.00427EPSS
CVE
CVE
added 2024/03/18 5:54 p.m.83 views

CVE-2024-26107

Adobe Experience Manager (AEM) 6.5.19 and earlier is affected by a reflected XSS vulnerability (CVE-2024-26107). The issue exists in vulnerable pages where crafted URLs can execute malicious JavaScript in the victim’s browser. Public references in the connected documents identify a remediation vi...

5.4CVSS5.6AI score0.00427EPSS
CVE
CVE
added 2022/12/21 1:21 a.m.82 views

CVE-2022-30679

Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected Cross-Site Scripting (XSS) vulnerability (CVE-2022-30679). A low-privileged attacker can entice a victim to visit a crafted URL, enabling malicious JavaScript to run in the victim’s browser. CVSS metrics indicate Network...

5.4CVSS5AI score0.0048EPSS
CVE
CVE
added 2022/09/23 6:15 p.m.82 views

CVE-2022-38438

CVE-2022-38438 affects Adobe Experience Manager versions 6.5.13.0 and earlier with a reflected Cross-Site Scripting (XSS) vulnerability. The issue can be triggered when a victim is convinced to visit a vulnerable URL, allowing malicious JavaScript to execute in the browser context. Exploitation r...

5.4CVSS5AI score0.00719EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.82 views

CVE-2023-22261

Adobe Experience Manager (AEM) 6.5.15.0 and earlier is affected by a URL redirection to an untrusted site vulnerability (Open Redirect). A low-privilege authenticated user can trigger redirects to malicious sites, with exploitation requiring user interaction. Remediation: update to 6.5.16.0 or la...

5.4CVSS5.1AI score0.00478EPSS
CVE
CVE
added 2023/06/15 12:0 a.m.82 views

CVE-2023-29322

Adobe Experience Manager versions 6.5.16.0 and earlier are affected by a reflected XSS vulnerability (CVE-2023-29322). A low-privileged attacker can lure a victim to a crafted URL that executes malicious JavaScript in the victim’s browser. Remediation: update to AEM 6.5.17.0 or apply vendor-suppl...

5.4CVSS5AI score0.00489EPSS
Total number of security vulnerabilities831