Adobe Experience Manager Cloud Service vulnerabilities

CVE-2022-42346 [MEDIUM] CWE-79 CVE-2022-42346: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-44471 [MEDIUM] CWE-79 CVE-2022-44471: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42357 [MEDIUM] CWE-79 CVE-2022-42357: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-44474 [MEDIUM] CWE-79 CVE-2022-44474: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-44465 [MEDIUM] CWE-79 CVE-2022-44465: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42364 [MEDIUM] CWE-79 CVE-2022-42364: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-44470 [MEDIUM] CWE-79 CVE-2022-44470: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42349 [MEDIUM] CWE-79 CVE-2022-42349: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-35695 [MEDIUM] CWE-79 CVE-2022-35695: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-44488 [MEDIUM] CWE-601 CVE-2022-44488: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.

CVE-2022-44467 [MEDIUM] CWE-79 CVE-2022-44467: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42354 [MEDIUM] CWE-79 CVE-2022-42354: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-44466 [MEDIUM] CWE-79 CVE-2022-44466: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42350 [MEDIUM] CWE-79 CVE-2022-42350: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-30679 [MEDIUM] CWE-79 CVE-2022-30679: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42362 [MEDIUM] CWE-79 CVE-2022-42362: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42345 [MEDIUM] CWE-79 CVE-2022-42345: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42356 [MEDIUM] CWE-79 CVE-2022-42356: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-35693 [MEDIUM] CWE-79 CVE-2022-35693: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2022-42348 [MEDIUM] CWE-79 CVE-2022-42348: Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scriptin Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.