VDB

CISA-2024-36227

CISA-2024-36227 PUBLISHED CVSS 5.4 MEDIUM

Reported by adobe · Published June 13, 2024

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires user interaction, such as convincing a user to click on a specially crafted link or to submit a malicious form.

Risk Scores

CVSS 3.1
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
AdobeAdobe Experience Manager0
AdobeAdobe Experience Manager0, 0
adobeexperience_manager_cloud_service0, 0
adobeexperience_manager0, 0

Timeline

  • Jun 13, 2024 CVE Published
  • Oct 7, 2024 CVE Updated

References

  • vendor-advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›