Adobe: >> Experience Manager Security Vulnerabilities
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances.
CVSS Score
7.5
EPSS Score
0.096
Published
2017-12-09
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager.
CVSS Score
6.1
EPSS Score
0.015
Published
2017-12-09
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
CVSS Score
7.5
EPSS Score
0.096
Published
2017-08-11
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
CVSS Score
9.8
EPSS Score
0.102
Published
2017-08-11
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
CVSS Score
7.5
EPSS Score
0.096
Published
2017-08-11
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
CVSS Score
8.8
EPSS Score
0.012
Published
2016-12-15
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.013
Published
2016-12-15
Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.013
Published
2016-12-15
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.013
Published
2016-12-15
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.
CVSS Score
6.1
EPSS Score
0.012
Published
2016-12-15