Adobe Experience Manager vulnerabilities

962 known vulnerabilities affecting adobe/adobe_experience_manager.

Total CVEs

962

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH14MEDIUM932LOW8

Vulnerabilities

Page 42 of 49

CVE-2023-48462MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48462 [MEDIUM] CWE-79 CVE-2023-48462: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48457MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48457 [MEDIUM] CWE-79 CVE-2023-48457: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48593MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48593 [MEDIUM] CWE-79 CVE-2023-48593: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48499MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48499 [MEDIUM] CWE-79 CVE-2023-48499: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48589MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48589 [MEDIUM] CWE-79 CVE-2023-48589: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48451MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48451 [MEDIUM] CWE-79 CVE-2023-48451: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48512MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48512 [MEDIUM] CWE-79 CVE-2023-48512: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48458MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48458 [MEDIUM] CWE-79 CVE-2023-48458: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48442MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48442 [MEDIUM] CWE-79 CVE-2023-48442: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48582MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48582 [MEDIUM] CWE-79 CVE-2023-48582: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48464MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48464 [MEDIUM] CWE-79 CVE-2023-48464: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48579MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48579 [MEDIUM] CWE-79 CVE-2023-48579: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48535MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48535 [MEDIUM] CWE-79 CVE-2023-48535: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48614MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48614 [MEDIUM] CWE-79 CVE-2023-48614: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48466MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48466 [MEDIUM] CWE-79 CVE-2023-48466: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48623MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48623 [MEDIUM] CWE-79 CVE-2023-48623: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48492MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48492 [MEDIUM] CWE-79 CVE-2023-48492: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48523MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48523 [MEDIUM] CWE-79 CVE-2023-48523: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48613MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48613 [MEDIUM] CWE-79 CVE-2023-48613: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48501MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48501 [MEDIUM] CWE-79 CVE-2023-48501: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous42 / 49Next →