VYPR
Unrated severityNVD Advisory· Published Jan 13, 2022· Updated Sep 16, 2024

AEM Forms Improper Restriction of XML External Entity Reference

CVE-2021-40722

Description

AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.