Adobe Experience Manager versions 6.5.19 and previous versions are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an malicious user to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. Exploitation of this issue requires user interaction.
Vulmon