Description
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Adobe | Adobe Experience Manager | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-23399 | Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
References
History
Tue, 03 Dec 2024 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:* cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:* |
Mon, 07 Oct 2024 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | AMS XSS - /libs/cq/searchpromote/components/linklist/facetcontent.jsp (retest 1727942) | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
MITRE
Status: PUBLISHED
Assigner: adobe
Published:
Updated: 2024-10-07T14:18:08.469Z
Reserved: 2024-02-14T17:37:23.402Z
Link: CVE-2024-26105
Vulnrichment
Updated: 2024-08-01T23:59:32.158Z
NVD
Status : Analyzed
Published: 2024-03-18T18:15:18.100
Modified: 2024-12-03T16:28:02.483
Link: CVE-2024-26105
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses