VYPR

Experience Manager

by Adobe Inc.

CVEs (1,157)

  • CVE-2018-4875MedFeb 27, 2018
    risk 0.40cvss 6.1epss 0.03

    Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM.

  • CVE-2017-3109MedDec 9, 2017
    risk 0.40cvss 6.1epss 0.03

    An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Adobe Experience Manager has a reflected cross-site scripting vulnerability in the HtmlRendererServlet.

  • CVE-2017-11296MedDec 9, 2017
    risk 0.40cvss 6.1epss 0.03

    An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager.

  • CVE-2016-7884MedDec 15, 2016
    risk 0.40cvss 6.1epss 0.03

    Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.

  • CVE-2016-7883MedDec 15, 2016
    risk 0.40cvss 6.1epss 0.03

    Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.

  • CVE-2016-7882MedDec 15, 2016
    risk 0.40cvss 6.1epss 0.03

    Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.

  • CVE-2016-6933MedDec 15, 2016
    risk 0.40cvss 6.1epss 0.02

    Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.

  • CVE-2016-4170MedAug 9, 2016
    risk 0.40cvss 6.1epss 0.02

    Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2016-4168MedAug 9, 2016
    risk 0.40cvss 6.1epss 0.02

    Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2016-0955MedFeb 10, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog.

  • CVE-2026-34694MedJun 9, 2026
    risk 0.38cvss 5.9epss 0.00

    Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be…

  • CVE-2026-48304MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be…

  • CVE-2026-48301MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be…

  • CVE-2026-48300MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be…

  • CVE-2026-48299MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be…

  • CVE-2026-48297MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be…

  • CVE-2026-48280MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the…

  • CVE-2026-48271MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the…

  • CVE-2026-48268MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the…

  • CVE-2026-48266MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the…

Page 2 of 58