Experience Manager Security Vulnerabilities and Issues — Experience Manager CVE List

Lucene search

AdobeExperience Manager

795 matches found

CVE•added 2022/09/30 5:15 p.m.•97 views

CVE-2022-28851

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's bro...

5.4CVSS5AI score0.12442EPSS

CVE•added 2024/06/13 8:16 a.m.•93 views

CVE-2024-36236

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user...

5.4CVSS5.5AI score0.01203EPSS

CVE•added 2024/03/18 6:15 p.m.•89 views

CVE-2024-26042

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the pag...

5.4CVSS5.6AI score0.01681EPSS

CVE•added 2023/09/13 2:15 p.m.•87 views

CVE-2023-38215

Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.00305EPSS

CVE•added 2023/06/15 7:15 p.m.•85 views

CVE-2023-29304

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of th...

5.4CVSS5AI score0.03112EPSS

CVE•added 2022/12/21 1:21 a.m.•82 views

CVE-2022-44474

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5AI score0.02063EPSS

CVE•added 2024/03/18 6:15 p.m.•82 views

CVE-2024-26032

5.4CVSS6.2AI score0.01325EPSS

CVE•added 2024/04/04 9:15 a.m.•80 views

CVE-2024-20800

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they bro...

5.4CVSS6.2AI score0.02342EPSS

CVE•added 2024/03/18 6:15 p.m.•80 views

CVE-2024-26028

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.00591EPSS

CVE•added 2023/03/22 5:15 p.m.•77 views

CVE-2023-21615

Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the vic...

5.4CVSS5AI score0.00927EPSS

CVE•added 2024/03/18 6:15 p.m.•77 views

CVE-2024-26034

5.4CVSS5.3AI score0.00527EPSS

CVE•added 2022/09/23 7:15 p.m.•75 views

CVE-2022-38439

5.4CVSS5.3AI score0.02457EPSS

CVE•added 2023/09/13 2:15 p.m.•75 views

CVE-2023-38214

5.4CVSS5.1AI score0.00305EPSS

CVE•added 2023/03/22 5:15 p.m.•74 views

CVE-2023-22260

Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interact...

5.4CVSS5.1AI score0.00333EPSS

CVE•added 2024/03/18 6:15 p.m.•74 views

CVE-2024-26064

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01905EPSS

CVE•added 2024/06/13 8:16 a.m.•74 views

CVE-2024-36217

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.01072EPSS

CVE•added 2022/08/10 8:15 p.m.•73 views

CVE-2022-35697

Adobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5AI score0.00262EPSS

CVE•added 2023/03/22 5:15 p.m.•73 views

CVE-2023-22271

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful exploitat...

5.3CVSS5.4AI score0.00057EPSS

CVE•added 2024/03/18 6:15 p.m.•73 views

CVE-2024-26052

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•73 views

CVE-2024-26069

5.4CVSS5AI score0.00464EPSS

CVE•added 2023/03/22 5:15 p.m.•72 views

CVE-2023-22254

5.4CVSS5AI score0.00927EPSS

CVE•added 2023/03/22 5:15 p.m.•72 views

CVE-2023-22264

5.4CVSS5.1AI score0.00333EPSS

CVE•added 2024/03/18 6:15 p.m.•72 views

CVE-2024-26065

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2022/12/19 10:0 a.m.•71 views

CVE-2022-35696

5.4CVSS5AI score0.00633EPSS

CVE•added 2024/03/18 6:15 p.m.•71 views

CVE-2024-26043

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2022/09/16 6:15 p.m.•70 views

CVE-2022-30683

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to decrypt secrets, however, this i...

5.3CVSS5.1AI score0.00208EPSS

CVE•added 2024/03/18 6:15 p.m.•70 views

CVE-2024-26040

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•70 views

CVE-2024-26103

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.6AI score0.00464EPSS

CVE•added 2022/12/21 1:21 a.m.•69 views

CVE-2022-42362

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/19 10:0 a.m.•69 views

CVE-2022-44473

5.4CVSS5AI score0.01957EPSS

CVE•added 2024/03/18 6:15 p.m.•69 views

CVE-2024-26056

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2022/12/21 1:21 a.m.•68 views

CVE-2022-44465

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/21 1:21 a.m.•68 views

CVE-2022-44467

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/19 10:0 a.m.•68 views

CVE-2022-44468

5.4CVSS5AI score0.01957EPSS

CVE•added 2023/06/15 7:15 p.m.•68 views

CVE-2023-29322

5.4CVSS5AI score0.03814EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26031

5.4CVSS5.3AI score0.00591EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26044

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

5.4CVSS6.2AI score0.01681EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26059

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26062

5.4CVSS5AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26063

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exp...

5.3CVSS6.7AI score0.00105EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26080

5.4CVSS5.1AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26101

5.4CVSS5.6AI score0.0044EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26107

5.4CVSS5.6AI score0.00464EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26119

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does no...

5.3CVSS5.6AI score0.00258EPSS

CVE•added 2024/03/18 6:15 p.m.•68 views

CVE-2024-26125

5.4CVSS5.3AI score0.00464EPSS

CVE•added 2022/09/23 7:15 p.m.•67 views

CVE-2022-38438

5.4CVSS5AI score0.00468EPSS

CVE•added 2022/12/21 1:21 a.m.•67 views

CVE-2022-44463

5.4CVSS5AI score0.02063EPSS

CVE•added 2022/12/19 10:0 a.m.•67 views

CVE-2022-44469