Описание
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a manipulated web page.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a manipulated web page.
Уязвимость системы управления контентом и медиа-данными Adobe Experience Manager (AEM), связанная с недостаточной защитой структуры веб-страницы, позволяющая нарушителю выполнить произвольный код
EPSS
5.4 Medium
CVSS3