Total
503 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9742 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below) and 6.3.3.8 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Inbox calendar feature. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field. | |||||
| CVE-2020-9738 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
| AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when visiting the page containing the vulnerable field. | |||||
| CVE-2020-9735 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
| AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when search queries return the page containing the vulnerable field. | |||||
| CVE-2020-3769 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8079 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8087 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-16469 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-16466 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8085 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-16468 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8078 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8084 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8234 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8088 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-8081 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8083 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8080 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site scripting vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-8082 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-3741 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Successful exploitation could lead to denial-of-service. | |||||
| CVE-2019-16467 | 1 Adobe | 1 Experience Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||