Experience Manager@* Security Vulnerabilities and Issues — Page 7 of Experience Manager@* CVE List

CVE-2024-36153

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00936EPSS

CVE-2024-36154

CVE-2024-36157

CVE-2024-36162

CVE-2024-36165

5.4CVSS5.5AI score0.00816EPSS

CVE-2024-36183

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically req...

5.4CVSS5.3AI score0.0145EPSS

CVE-2024-36215

6.1CVSS5.5AI score0.01811EPSS

CVE-2024-36216

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.3AI score0.0145EPSS

CVE-2024-36225

5.4CVSS5.3AI score0.01072EPSS

CVE-2024-36232

CVE•added 2024/08/23 5:15 p.m.•44 views

CVE-2024-41878

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation of this issue requires...

5.4CVSS5.2AI score0.00237EPSS

5.4CVSS6.1AI score0.00201EPSS

CVE-2024-43714

Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

5.4CVSS6.1AI score0.00201EPSS

CVE-2024-43721

5.4CVSS5.9AI score0.00038EPSS

CVE-2024-43735

Adobe Experience Manager versions 6.5.21 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

CVE-2024-43737

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43740

CVE-2024-52849

CVE-2024-52858

CVE•added 2025/02/05 12:15 a.m.•44 views

CVE-2024-53962

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.4AI score0.0004EPSS

CVE•added 2023/12/15 11:15 a.m.•43 views

CVE-2023-48608

Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Input Validation vulnerability. A low-privileged attacker could leverage this vulnerability to achieve a low-integrity impact within the application. Exploitation of this issue requires user interaction.

3.5CVSS4AI score0.00488EPSS

CVE•added 2023/12/15 11:15 a.m.•43 views

CVE-2023-48624

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5AI score0.00847EPSS

CVE•added 2024/06/13 8:15 a.m.•43 views

CVE-2024-26071

5.4CVSS5.3AI score0.01257EPSS

CVE-2024-36161

CVE-2024-36166

CVE-2024-36167

CVE-2024-36172

CVE-2024-36175

CVE-2024-36177

CVE-2024-36186

5.4CVSS5.5AI score0.01257EPSS

CVE-2024-36190

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...

CVE-2024-36193

5.4CVSS5.5AI score0.01072EPSS

CVE-2024-36224

5.4CVSS5.5AI score0.01072EPSS

CVE-2024-36233

5.4CVSS6.1AI score0.00201EPSS

CVE-2024-43719

CVE-2024-43734

CVE-2024-43748

CVE•added 2024/11/07 10:15 p.m.•43 views

CVE-2024-49524

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

5.4CVSS5.2AI score0.01392EPSS

CVE-2024-52861

CVE-2024-52862

CVE•added 2017/08/11 7:29 p.m.•42 views

CVE-2017-3107

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.

7.5CVSS7.5AI score0.09607EPSS

CVE•added 2020/01/15 5:15 p.m.•42 views

CVE-2019-16468

Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.5CVSS7.1AI score0.04248EPSS

CVE•added 2023/12/15 11:15 a.m.•42 views

CVE-2023-48601

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.4AI score0.00253EPSS

CVE•added 2024/06/13 8:15 a.m.•42 views

CVE-2024-26068