Experience Manager@6.2.0 Security Vulnerabilities and Issues — Experience Manager@6.2.0 CVE List

Lucene search

AdobeExperience Manager6.2.0

15 matches found

CVE•added 2016/12/15 6:59 a.m.•97 views

CVE-2016-6933

Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.

6.1CVSS5.9AI score0.01191EPSS

CVE•added 2018/10/17 6:29 p.m.•46 views

CVE-2018-15971

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01145EPSS

CVE•added 2017/12/09 6:29 a.m.•45 views

CVE-2017-11296

An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager.

6.1CVSS5.9AI score0.01471EPSS

CVE•added 2019/01/28 6:29 p.m.•45 views

CVE-2018-19724

Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01145EPSS

CVE•added 2017/12/09 6:29 a.m.•44 views

CVE-2017-3109

An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Adobe Experience Manager has a reflected cross-site scripting vulnerability in the HtmlRendererServlet.

6.1CVSS5.9AI score0.01471EPSS

CVE•added 2019/01/28 6:29 p.m.•44 views

CVE-2018-19726

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01145EPSS

CVE•added 2016/12/15 6:59 a.m.•43 views

CVE-2016-7883

Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.

6.1CVSS6AI score0.01316EPSS

CVE•added 2018/10/17 6:29 p.m.•43 views

CVE-2018-15973

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01011EPSS

CVE•added 2018/02/27 5:29 a.m.•40 views

CVE-2018-4876

Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.

6.1CVSS5.9AI score0.00441EPSS

CVE•added 2016/08/09 8:59 p.m.•39 views

CVE-2016-4253

The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors.

5.3CVSS5AI score0.0268EPSS

CVE•added 2016/08/09 8:59 p.m.•37 views

CVE-2016-4169

Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors.

5.3CVSS5AI score0.02399EPSS

CVE•added 2017/12/09 6:29 a.m.•36 views

CVE-2017-3111

An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances.

7.5CVSS7.4AI score0.09607EPSS

CVE•added 2018/10/17 6:29 p.m.•35 views

CVE-2018-15970

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01145EPSS

CVE•added 2018/10/17 6:29 p.m.•35 views

CVE-2018-15972

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.00982EPSS

CVE•added 2016/08/09 8:59 p.m.•31 views

CVE-2016-4170

Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1CVSS5.9AI score0.00752EPSS