Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Adobe Subscribe
Filtered by product Experience Manager

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40722 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2022-01-19 7.5 HIGH 9.8 CRITICAL
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE.
CVE-2020-24445 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2021-01-13 3.5 LOW 9.0 CRITICAL
AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2020-9732 1 Adobe 2 Experience Manager, Experience Manager Forms 2020-09-11 6.0 MEDIUM 9.0 CRITICAL
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field.
CVE-2019-7964 1 Adobe 1 Experience Manager 2020-08-24 10.0 HIGH 9.8 CRITICAL
Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.
CVE-2019-8088 1 Adobe 1 Experience Manager 2020-08-24 7.5 HIGH 9.8 CRITICAL
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3108 1 Adobe 1 Experience Manager 2017-08-16 7.5 HIGH 9.8 CRITICAL
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.