Adobe Experience Manager up to 6.5 Reflected cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, has been found in Adobe Experience Manager up to 6.5 (Content Management System). This issue affects some unknown functionality. Upgrading eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1055378810/24/2020VulD...confirm_urlhttps://helpx.adobe.com/security/products/experience-manager/apsb20-31.htmlcve.mitre.org10/24/2020accepted70
1016940106/13/2020VulD...cve_nvd_summaryAdobe Experience Manager versions 6.5 and earlier have a cross-site scripting (reflected) vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser.mitre.org06/13/2020accepted100
1016940006/13/2020VulD...cve_assigned1583107200mitre.org06/13/2020accepted100
1016938906/13/2020VulD...cvss3_nvd_aNnist.gov06/13/2020accepted100
1016938806/13/2020VulD...cvss3_nvd_iLnist.gov06/13/2020accepted100
1016938706/13/2020VulD...cvss3_nvd_cLnist.gov06/13/2020accepted100
1016938606/13/2020VulD...cvss3_nvd_sCnist.gov06/13/2020accepted100
1016938506/13/2020VulD...cvss3_nvd_uiRnist.gov06/13/2020accepted100
1016938406/13/2020VulD...cvss3_nvd_prNnist.gov06/13/2020accepted100
1016938306/13/2020VulD...cvss3_nvd_acLnist.gov06/13/2020accepted100
1016938206/13/2020VulD...cvss3_nvd_avNnist.gov06/13/2020accepted100
1016936906/13/2020VulD...cvss2_nvd_aiNnist.gov06/13/2020accepted100
1016936806/13/2020VulD...cvss2_nvd_iiPnist.gov06/13/2020accepted100
1016936706/13/2020VulD...cvss2_nvd_ciNnist.gov06/13/2020accepted100
1016936606/13/2020VulD...cvss2_nvd_auNnist.gov06/13/2020accepted100
1016936506/13/2020VulD...cvss2_nvd_acMnist.gov06/13/2020accepted100
1016936406/13/2020VulD...cvss2_nvd_avNnist.gov06/13/2020accepted100
1016935406/13/2020VulD...cwe79 (cross site scripting)06/13/2020accepted100
1016935006/13/2020VulD...typeContent Management System06/13/2020accepted100
1016940906/13/2020VulD...cvss3_nvd_basescore6.1nist.gov06/13/2020accepted90

Interested in the pricing of exploits?

See the underground prices here!