CVE-2022-28820MEDIUMCVSS 6.1fixed in 5.2.02022-04-21
CVE-2022-28820 [MEDIUM] CWE-79 CVE-2022-28820: ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerab
ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in /apps/acs-commons/content/page-compare.html endpoint via the a and b GET parameters. User input submitted via these parameters is not validated or sanitised. An attacker must provide a link to someone with access to AEM Author, and could poten
nvd