Adobe Experience Manager vulnerabilities

962 known vulnerabilities affecting adobe/adobe_experience_manager.

Total CVEs

962

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH14MEDIUM932LOW8

Vulnerabilities

Page 37 of 49

CVE-2024-26040MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26040 [MEDIUM] CWE-79 CVE-2024-26040: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26045MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26045 [MEDIUM] CWE-79 CVE-2024-26045: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26061MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26061 [MEDIUM] CWE-79 CVE-2024-26061: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26069MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26069 [MEDIUM] CWE-79 CVE-2024-26069: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26050MEDIUMCVSS 4.8≤ 6.5.192024-03-18

CVE-2024-26050 [MEDIUM] CWE-79 CVE-2024-26050: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26065MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26065 [MEDIUM] CWE-79 CVE-2024-26065: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26096MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26096 [MEDIUM] CWE-79 CVE-2024-26096: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-26043MEDIUMCVSS 5.4≤ 6.5.192024-03-18

CVE-2024-26043 [MEDIUM] CWE-79 CVE-2024-26043: Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-51463MEDIUMCVSS 5.4≤ 6.5.182024-01-18

CVE-2023-51463 [MEDIUM] CWE-79 CVE-2023-51463: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-51464MEDIUMCVSS 5.4≤ 6.5.182024-01-18

CVE-2023-51464 [MEDIUM] CWE-79 CVE-2023-51464: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-51460MEDIUMCVSS 5.4≤ 6.5.182023-12-20

CVE-2023-51460 [MEDIUM] CWE-79 CVE-2023-51460: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-51459MEDIUMCVSS 5.4≤ 6.5.182023-12-20

CVE-2023-51459 [MEDIUM] CWE-79 CVE-2023-51459: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-51457MEDIUMCVSS 5.4≤ 6.5.182023-12-20

CVE-2023-51457 [MEDIUM] CWE-79 CVE-2023-51457: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-51462MEDIUMCVSS 5.4≤ 6.5.182023-12-20

CVE-2023-51462 [MEDIUM] CWE-79 CVE-2023-51462: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-51461MEDIUMCVSS 5.4≤ 6.5.182023-12-20

CVE-2023-51461 [MEDIUM] CWE-79 CVE-2023-51461: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-51458MEDIUMCVSS 5.4≤ 6.5.182023-12-20

CVE-2023-51458 [MEDIUM] CWE-79 CVE-2023-51458: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48529MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48529 [MEDIUM] CWE-79 CVE-2023-48529: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48616MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48616 [MEDIUM] CWE-79 CVE-2023-48616: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48538MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48538 [MEDIUM] CWE-79 CVE-2023-48538: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48487MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48487 [MEDIUM] CWE-79 CVE-2023-48487: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

← Previous37 / 49Next →