Adobe Experience Manager vulnerabilities

1,088 known vulnerabilities affecting adobe/experience_manager.

Total CVEs: 1,088
CISA KEV: 0
Public exploits: 7
Exploited in wild: 0
Severity breakdown: CRITICAL 11, HIGH 27, MEDIUM 1042, LOW 8

Vulnerabilities

Page 47 of 55
CVE-2023-29302 | MEDIUM | CVSS 5.4 | fixed in 6.5.17.0 | 2023-06-15
CWE-79: Adobe Experience Manager versions 6.5.16.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-29307 | MEDIUM | CVSS 5.4 | fixed in 6.5.17.0 | ≥ unspecified, ≤ 6.5.16.0 | 2023-06-15
CWE-601: Adobe Experience Manager versions 6.5.16.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22265 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22257 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-21615 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | 2023-03-22
CWE-79: Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-21616 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | 2023-03-22
CWE-79: Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-22261 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22259 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22260 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22253 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-79: Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-22262 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22258 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22264 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22252 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-79: Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-22269 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-79: Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-22271 | MEDIUM | CVSS 5.3 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-261: Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful exploitation requires to already have in possession this encr
nvd
CVE-2023-22266 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22263 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd
CVE-2023-22254 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-79: Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
nvd
CVE-2023-22256 | MEDIUM | CVSS 5.4 | fixed in 6.5.16.0 | ≥ unspecified, ≤ 6.5.15.0 | 2023-03-22
CWE-601: Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
nvd