VDB

CNVD-2025-21172

CNVD-2025-21172 PUBLISHED CVSS 8.600000381469727 HIGH

Adobe Experience Manager是Adobe公司推出的内容管理解决方案,旨在帮助企业高效创建、管理和交付跨渠道内容,同时整合商业解决方案以提升客户体验。 Adobe Experience Manager存在XML实体注入漏洞,该漏洞源于XML外部实体引用限制不当,攻击者可利用该漏洞导致任意文件系统读取。

Risk Scores

CVSS v3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products

VendorProductVersions
AdobeAdobe Experience Manager0

Timeline

  • Aug 5, 2025 CVE Published
  • Aug 6, 2025 PoC Published
  • Aug 6, 2025 PoC Published
  • Aug 6, 2025 PoC Published
  • Aug 6, 2025 PoC Published
  • Aug 6, 2025 PoC Published
  • Aug 6, 2025 PoC Published
  • Aug 7, 2025 PoC Published
  • Aug 7, 2025 PoC Published
  • Aug 8, 2025 PoC Published
  • Aug 8, 2025 PoC Published
  • Aug 8, 2025 PoC Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›