Experience Manager Security Vulnerabilities and Issues — Experience Manager CVE List

Lucene search

AdobeExperience Manager

4 matches found

CVE•added 2016/02/10 8:59 p.m.•109 views

CVE-2016-0956

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.

7.8CVSS7AI score0.13277EPSS

CVE•added 2016/02/10 8:59 p.m.•82 views

CVE-2016-0957

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.

7.8CVSS7.4AI score0.91105EPSS

CVE•added 2016/02/10 8:59 p.m.•54 views

CVE-2016-0958

Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object.

7.8CVSS7.5AI score0.00643EPSS

CVE•added 2016/02/10 8:59 p.m.•37 views

CVE-2016-0955

Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog.

6.1CVSS5.8AI score0.00334EPSS