Filtered by vendor Adobe
Subscriptions
Filtered by product Experience Manager
Subscriptions
Total
551 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-48447 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-48446 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-48445 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-48444 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
CVE-2023-48443 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-48442 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
CVE-2023-48441 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.3 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Access Control vulnerability. An attacker could leverage this vulnerability to achieve a low-confidentiality impact within the application. Exploitation of this issue does not require user interaction. | ||||
CVE-2023-48440 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
CVE-2023-47065 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-47064 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
CVE-2023-38215 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-38214 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-29322 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-29307 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction. | ||||
CVE-2023-29304 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-29302 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-22271 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.3 Medium |
Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful exploitation requires to already have in possession this encrypted secret. | ||||
CVE-2023-22269 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
CVE-2023-22266 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction. | ||||
CVE-2023-22265 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 5.4 Medium |
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction. |