CVE-2024-53967
published 2025-03-19CVE-2024-53967: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, a low privileged attacker can inject malicious scripts that are executed by the victim's browser. Exploitation of this issue requires user interaction, typically in the form of following a malicious link.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | adobe_experience_manager | <= 6.5.21 | — |
| adobe | experience_manager | < 6.5.22.0 | 6.5.22.0 |
| adobe | experience_manager | < 2024.11.0 | 2024.11.0 |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-19
Published