Description
Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Adobe | Adobe Experience Manager | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-23407 | Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
References
History
Mon, 07 Oct 2024 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | AMS XSS - /libs/fd/af/components/guidetermsandconditions (retest of 2090056 - new issue) | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
MITRE
Status: PUBLISHED
Assigner: adobe
Published:
Updated: 2024-10-07T13:18:59.252Z
Reserved: 2024-02-14T17:37:23.403Z
Link: CVE-2024-26113
Vulnrichment
Updated: 2024-08-01T23:59:32.535Z
NVD
Status : Modified
Published: 2024-06-13T08:15:58.323
Modified: 2024-11-21T09:01:57.670
Link: CVE-2024-26113
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses