Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:adobe:experience_manager:6.1.2.4:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-9732 |
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field. Published: September 10, 2020; 1:15:35 PM -0400 |
V4.0:(not available) V3.1: 9.0 CRITICAL V2.0: 6.0 MEDIUM |
CVE-2020-3769 |
Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure. Published: March 25, 2020; 4:15:14 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-7953 |
Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. Published: July 18, 2019; 6:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-12807 |
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an input validation bypass vulnerability. Successful exploitation could lead to unauthorized information modification. Published: August 29, 2018; 9:29:00 AM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2018-12806 |
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. Published: August 29, 2018; 9:29:00 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-5006 |
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. Published: July 20, 2018; 3:29:02 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-12809 |
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. Published: July 20, 2018; 3:29:02 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-4930 |
Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. Published: May 19, 2018; 1:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-4929 |
Adobe Experience Manager versions 6.2 and earlier have an exploitable stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. Published: May 19, 2018; 1:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-3108 |
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. Published: August 11, 2017; 3:29:02 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-3107 |
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. Published: August 11, 2017; 3:29:02 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-7885 |
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. Published: December 15, 2016; 1:59:49 AM -0500 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-7882 |
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. Published: December 15, 2016; 1:59:46 AM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |