Adobe Experience Manager vulnerabilities

1,088 known vulnerabilities affecting adobe/experience_manager.

Total CVEs

1,088

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL11HIGH27MEDIUM1042LOW8

Vulnerabilities

Page 42 of 55

CVE-2023-48458MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48458 [MEDIUM] CWE-79 CVE-2023-48458: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48442MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48442 [MEDIUM] CWE-79 CVE-2023-48442: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48582MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48582 [MEDIUM] CWE-79 CVE-2023-48582: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48464MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48464 [MEDIUM] CWE-79 CVE-2023-48464: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48579MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48579 [MEDIUM] CWE-79 CVE-2023-48579: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48535MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48535 [MEDIUM] CWE-79 CVE-2023-48535: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48614MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48614 [MEDIUM] CWE-79 CVE-2023-48614: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48466MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48466 [MEDIUM] CWE-79 CVE-2023-48466: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48623MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48623 [MEDIUM] CWE-79 CVE-2023-48623: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48492MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48492 [MEDIUM] CWE-79 CVE-2023-48492: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48523MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48523 [MEDIUM] CWE-79 CVE-2023-48523: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48613MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48613 [MEDIUM] CWE-79 CVE-2023-48613: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48501MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48501 [MEDIUM] CWE-79 CVE-2023-48501: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48443MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48443 [MEDIUM] CWE-79 CVE-2023-48443: Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48515MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48515 [MEDIUM] CWE-79 CVE-2023-48515: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48468MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48468 [MEDIUM] CWE-79 CVE-2023-48468: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48519MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48519 [MEDIUM] CWE-79 CVE-2023-48519: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48495MEDIUMCVSS 5.4≤ 6.5.18.02023-12-15

CVE-2023-48495 [MEDIUM] CWE-79 CVE-2023-48495: Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-bas Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

nvd

CVE-2023-48619MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48619 [MEDIUM] CWE-79 CVE-2023-48619: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2023-48604MEDIUMCVSS 5.4≤ 6.5.182023-12-15

CVE-2023-48604 [MEDIUM] CWE-79 CVE-2023-48604: Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous42 / 55Next →