Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
experience manager vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-19724
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.3.0
Adobe Experience Manager 6.4.0
383
VMScore
CVE-2019-8234
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager 6.2
Adobe Experience Manager 6.4
Adobe Experience Manager 6.3
383
VMScore
CVE-2018-4876
Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.3.0
1 Article
383
VMScore
CVE-2016-4168
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.0.0
Adobe Experience Manager 5.6.1
445
VMScore
CVE-2016-4169
Adobe Experience Manager 6.0, 6.1, and 6.2 allow malicious users to obtain sensitive audit log event information via unspecified vectors.
Adobe Experience Manager 6.0.0
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.2.0
535
VMScore
CVE-2020-9732
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in...
Adobe Experience Manager
Adobe Experience Manager Forms 6.4.8.1
Adobe Experience Manager Forms 6.5.5.0
445
VMScore
CVE-2020-9733
An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.
Adobe Experience Manager
Adobe Experience Manager Forms 6.4.8.1
Adobe Experience Manager Forms 6.5.5.0
NA
CVE-2022-30677
Adobe Experience Manager versions 6.5.13.0 (and previous versions) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within th...
Adobe Experience Manager
Adobe Experience Manager -
NA
CVE-2022-30682
Adobe Experience Manager versions 6.5.13.0 (and previous versions) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within th...
Adobe Experience Manager
Adobe Experience Manager -
NA
CVE-2022-30683
Adobe Experience Manager versions 6.5.13.0 (and previous versions) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend . An attacker could leverage this vulnerability to dec...
Adobe Experience Manager
Adobe Experience Manager -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »