Adobe Experience Manager vulnerabilities

1,088 known vulnerabilities affecting adobe/experience_manager.

Total CVEs

1,088

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL11HIGH27MEDIUM1042LOW8

Vulnerabilities

Page 23 of 55

CVE-2024-52991MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52991 [MEDIUM] CWE-79 CVE-2024-52991: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52828MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52828 [MEDIUM] CWE-79 CVE-2024-52828: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52855MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52855 [MEDIUM] CWE-79 CVE-2024-52855: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52840MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52840 [MEDIUM] CWE-79 CVE-2024-52840: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run

nvd

CVE-2024-52832MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52832 [MEDIUM] CWE-79 CVE-2024-52832: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-43745MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43745 [MEDIUM] CWE-79 CVE-2024-43745: Adobe Experience Manager versions 6.5.21 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.21 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2024-52822MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52822 [MEDIUM] CWE-79 CVE-2024-52822: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run

nvd

CVE-2024-52865MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52865 [MEDIUM] CWE-79 CVE-2024-52865: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-43751MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43751 [MEDIUM] CWE-79 CVE-2024-43751: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-43752MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43752 [MEDIUM] CWE-79 CVE-2024-43752: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52858MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52858 [MEDIUM] CWE-79 CVE-2024-52858: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52817MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52817 [MEDIUM] CWE-79 CVE-2024-52817: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52818MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52818 [MEDIUM] CWE-79 CVE-2024-52818: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-43730MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43730 [MEDIUM] CWE-79 CVE-2024-43730: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-43714MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43714 [MEDIUM] CWE-79 CVE-2024-43714: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run

nvd

CVE-2024-43715MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43715 [MEDIUM] CWE-79 CVE-2024-43715: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run

nvd

CVE-2024-52993MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52993 [MEDIUM] CWE-79 CVE-2024-52993: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-52839MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-52839 [MEDIUM] CWE-79 CVE-2024-52839: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run

nvd

CVE-2024-43748MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43748 [MEDIUM] CWE-79 CVE-2024-43748: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2024-43749MEDIUMCVSS 5.4fixed in 6.5.22.0fixed in 2024.11.02024-12-10

CVE-2024-43749 [MEDIUM] CWE-79 CVE-2024-43749: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous23 / 55Next →