Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Experience_manager_cloud_service
(Adobe)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 183 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-01-13 | CVE-2021-44178 | AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a reflected Cross-Site Scripting (XSS) vulnerability via the itemResourceType parameter. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser | Experience_manager, Experience_manager_cloud_service | 6.1 | ||
| 2022-09-23 | CVE-2022-38438 | Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | Experience_manager, Experience_manager_cloud_service | 5.4 | ||
| 2022-09-23 | CVE-2022-38439 | Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | Experience_manager, Experience_manager_cloud_service | 5.4 | ||
| 2022-12-16 | CVE-2022-35694 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | Experience_manager, Experience_manager_cloud_service | N/A | ||
| 2022-12-16 | CVE-2022-35696 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | Experience_manager, Experience_manager_cloud_service | N/A | ||
| 2022-12-16 | CVE-2022-42351 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to disclose low level confidentiality information. Exploitation of this issue does not require user interaction. | Experience_manager, Experience_manager_cloud_service | N/A | ||
| 2022-12-16 | CVE-2022-42360 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | Experience_manager, Experience_manager_cloud_service | N/A | ||
| 2022-12-16 | CVE-2022-42366 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | Experience_manager, Experience_manager_cloud_service | N/A | ||
| 2022-12-16 | CVE-2022-42367 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | Experience_manager, Experience_manager_cloud_service | N/A | ||
| 2022-12-16 | CVE-2022-44462 | Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | Experience_manager, Experience_manager_cloud_service | N/A |