Adobe Experience Manager up to 6.5 Reflected cross site scripting

A vulnerability, which was classified as problematic, has been found in Adobe Experience Manager up to 6.5 (Content Management System). This issue affects some unknown functionality. Upgrading eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

Field	06/13/2020 07:49 AM	06/13/2020 09:12 AM	10/24/2020 02:27 PM
vendor	Adobe	Adobe	Adobe
name	Experience Manager	Experience Manager	Experience Manager
version	<=6.5	<=6.5	<=6.5
risk	1	1	1
cvss2_vuldb_basescore	4.3	4.3	4.3
cvss2_vuldb_tempscore	3.7	3.7	3.7
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	N	N	N
cvss3_meta_basescore	5.2	5.2	5.2
cvss3_meta_tempscore	4.9	4.9	4.9
cvss3_vuldb_basescore	4.3	4.3	4.3
cvss3_vuldb_tempscore	4.1	4.1	4.1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	R	R	R
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	N	N	N
titleword	Reflected	Reflected	Reflected
date	1591920000 (06/12/2020)	1591920000 (06/12/2020)	1591920000 (06/12/2020)
location	Website	Website	Website
type	Security Bulletin	Security Bulletin	Security Bulletin
url	https://helpx.adobe.com/security/products/experience-manager/apsb20-31.html	https://helpx.adobe.com/security/products/experience-manager/apsb20-31.html	https://helpx.adobe.com/security/products/experience-manager/apsb20-31.html
identifier	APSB20-31	APSB20-31	APSB20-31
price_0day	$0-$5k	$0-$5k	$0-$5k
name	Upgrade	Upgrade	Upgrade
date	1591660800 (06/09/2020)	1591660800 (06/09/2020)	1591660800 (06/09/2020)
cve	CVE-2020-9651	CVE-2020-9651	CVE-2020-9651
seealso	156678 156679 156680 156681 156682	156678 156679 156680 156681 156682	156678 156679 156680 156681 156682
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	C	C	C
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
cvss3_nvd_basescore	6.1	6.1	6.1
type		Content Management System	Content Management System
cwe	0	79 (cross site scripting)	79 (cross site scripting)
cvss2_nvd_av		N	N
cvss2_nvd_ac		M	M
cvss2_nvd_au		N	N
cvss2_nvd_ci		N	N
cvss2_nvd_ii		P	P
cvss2_nvd_ai		N	N
cvss3_nvd_av		N	N
cvss3_nvd_ac		L	L
cvss3_nvd_pr		N	N
cvss3_nvd_ui		R	R
cvss3_nvd_s		C	C
cvss3_nvd_c		L	L
cvss3_nvd_i		L	L
cvss3_nvd_a		N	N
cve_assigned		1583107200	1583107200
cve_nvd_summary		Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (reflected) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.	Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (reflected) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.
confirm_url			https://helpx.adobe.com/security/products/experience-manager/apsb20-31.html

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!