Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NAdobe Experience Manager Forms
APPAdobe6.36.46.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Powiązane podatności
CVE-2025-54253CRITICAL10.0⚠ KEVPL ✓ten sam produkt
RCE przez błędną konfigurację w Adobe Experience Manager Forms
CVE-2020-9732CRITICAL9.0ten sam produkt
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vul...
CVE-2025-54254HIGH8.6ten sam produkt
Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External E...
CVE-2020-9733HIGH7.5ten sam produkt
An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions ...
CVE-2017-3067HIGH7.5ten sam produkt
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting f...