exploitDog

GHSA-6jw2-rv23-6vmg

Опубликовано: 09 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.

Ссылки

EPSS

Процентиль: 90%

0.05105

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2025-54249

CVSS3: 6.5

nvd

5 месяцев назад

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.

BDU:2025-11104

CVSS3: 6.5

fstec

5 месяцев назад

Уязвимость системы управления контентом и медиа-данными Adobe Experience Manager (AEM), связанная с недостаточной проверкой запросов на стороне сервера, позволяющая нарушителю обойти ограничения безопасности и осуществить SSRF-атаку

EPSS

Процентиль: 90%

0.05105

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-918