Description
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Adobe | Adobe Experience Manager | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-23396 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
References
History
Tue, 03 Dec 2024 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:* cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:* |
Mon, 07 Oct 2024 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | AMS XSS - /libs/cq/searchpromote/components/results/results.jsp (retest 1727900) | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
MITRE
Status: PUBLISHED
Assigner: adobe
Published:
Updated: 2024-10-07T14:18:44.101Z
Reserved: 2024-02-14T17:37:23.402Z
Link: CVE-2024-26102
Vulnrichment
Updated: 2024-08-01T23:59:32.522Z
NVD
Status : Analyzed
Published: 2024-03-18T18:15:17.370
Modified: 2024-12-03T16:27:31.687
Link: CVE-2024-26102
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses