Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation of this issue requires user interaction, such as convincing a victim to click on a malicious link.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Aug 2024, 14:46
Type | Values Removed | Values Added |
---|---|---|
References | () https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html - Vendor Advisory | |
First Time |
Adobe experience Manager
Adobe |
|
Summary |
|
|
CPE | cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:* |
23 Aug 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-23 17:15
Updated : 2024-08-27 14:46
NVD link : CVE-2024-41878
Mitre link : CVE-2024-41878
CVE.ORG link : CVE-2024-41878
JSON object : View
Products Affected
adobe
- experience_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')