Description
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Adobe | Adobe Experience Manager | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-23395 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
References
History
Tue, 03 Dec 2024 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:* cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:* |
Mon, 07 Oct 2024 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | AMS XSS - /libs/cq/searchpromote/components/colors/facetcontent.jsp (retest 1727950) | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
MITRE
Status: PUBLISHED
Assigner: adobe
Published:
Updated: 2024-10-07T14:18:56.098Z
Reserved: 2024-02-14T17:37:23.402Z
Link: CVE-2024-26101
Vulnrichment
Updated: 2024-08-01T23:59:32.208Z
NVD
Status : Analyzed
Published: 2024-03-18T18:15:17.123
Modified: 2024-12-03T16:27:19.990
Link: CVE-2024-26101
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses