VYPR

Experience Manager

by Adobe Inc.

CVEs (1,157)

  • CVE-2020-9742Sep 10, 2020
    risk 0.00cvss epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below) and 6.3.3.8 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Inbox calendar feature. These scripts may be executed in a…

  • CVE-2020-9741Sep 10, 2020
    risk 0.00cvss epss 0.02

    The AEM forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a…

  • CVE-2020-9736Sep 10, 2020
    risk 0.00cvss epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9735Sep 10, 2020
    risk 0.00cvss epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9732Sep 10, 2020
    risk 0.00cvss epss 0.03

    The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a…

  • CVE-2020-9738Sep 10, 2020
    risk 0.00cvss epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9737Sep 10, 2020
    risk 0.00cvss epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9733Sep 10, 2020
    risk 0.00cvss epss 0.04

    An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.

  • CVE-2020-9740Sep 10, 2020
    risk 0.00cvss epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Design Importer. These scripts…

  • CVE-2020-9644Jun 12, 2020
    risk 0.00cvss epss 0.02

    Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (stored) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.

  • CVE-2020-9643Jun 12, 2020
    risk 0.00cvss epss 0.03

    Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2020-9645Jun 12, 2020
    risk 0.00cvss epss 0.03

    Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2020-3769Mar 25, 2020
    risk 0.00cvss epss 0.03

    Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2020-3741Feb 13, 2020
    risk 0.00cvss epss 0.03

    Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Successful exploitation could lead to denial-of-service.

  • CVE-2019-16467Jan 15, 2020
    risk 0.00cvss epss 0.01

    Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2019-16468Jan 15, 2020
    risk 0.00cvss epss 0.03

    Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2019-16466Jan 15, 2020
    risk 0.00cvss epss 0.02

    Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2019-8234Oct 25, 2019
    risk 0.00cvss epss 0.02

    Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2019-8087Oct 25, 2019
    risk 0.00cvss epss 0.04

    Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2019-8085Oct 25, 2019
    risk 0.00cvss epss 0.01

    Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

Page 57 of 58