acs-aem-commons is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious script via the a
and b
GET parameters in page compare when a victim with access to AEM Author visits the page.
CPE | Name | Operator | Version |
---|---|---|---|
acs aem commons - reactor project | le | 5.1.2 | |
acs aem commons - reactor project | le | 5.1.2 |