CVE-2018-5005

Опубликовано: 06 сент. 2018

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a Cross-site Scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

Ссылки

http://www.securityfocus.com/bid/105073
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041470
Third Party Advisory
VDB Entry
https://helpx.adobe.com/security/products/experience-manager/apsb18-26.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/105073
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041470
Third Party Advisory
VDB Entry
https://helpx.adobe.com/security/products/experience-manager/apsb18-26.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*

Версия от 6.3.2.1 (включая) до 6.3.2.2 (включая)

cpe:2.3:a:adobe:experience_manager:6.4:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*

Версия от 6.2.1.1 (включая) до 6.2.1.14 (включая)

EPSS

Процентиль: 80%

0.01386

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-34gg-g64c-2h3q