Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
experience manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-4876
Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.3.0
1 Article
4.3
CVSSv2
CVE-2018-19724
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.3.0
Adobe Experience Manager 6.4.0
4.3
CVSSv2
CVE-2019-8083
Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager 6.3
Adobe Experience Manager 6.4
Adobe Experience Manager 6.5
4.3
CVSSv2
CVE-2019-8078
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager 6.3
Adobe Experience Manager 6.4
Adobe Experience Manager 6.2
5
CVSSv2
CVE-2019-8082
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager 6.2
Adobe Experience Manager 6.3
Adobe Experience Manager 6.4
6
CVSSv2
CVE-2020-9732
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in...
Adobe Experience Manager
Adobe Experience Manager Forms 6.4.8.1
Adobe Experience Manager Forms 6.5.5.0
5
CVSSv2
CVE-2020-9733
An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.
Adobe Experience Manager
Adobe Experience Manager Forms 6.4.8.1
Adobe Experience Manager Forms 6.5.5.0
NA
CVE-2023-48440
Adobe Experience Manager versions 6.5.18 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed i...
Adobe Experience Manager -
Adobe Experience Manager
NA
CVE-2023-48441
Adobe Experience Manager versions 6.5.18 and previous versions are affected by an Improper Access Control vulnerability. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does not require user ...
Adobe Experience Manager -
Adobe Experience Manager
NA
CVE-2023-48442
Adobe Experience Manager versions 6.5.18 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed i...
Adobe Experience Manager -
Adobe Experience Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »