5.6.1

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-10	CVE-2020-9733	Improper Privilege Management vulnerability in Adobe Experience Manager An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. network low complexity adobe CWE-269	7.5
2020-09-10	CVE-2020-9732	Cross-site Scripting vulnerability in Adobe Experience Manager The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. network low complexity adobe CWE-79 critical	9.0
2018-07-20	CVE-2018-5006	Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. network low complexity adobe CWE-918	7.5
2018-07-20	CVE-2018-12809	Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. network low complexity adobe CWE-918	7.5
2018-05-19	CVE-2018-4931	Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an exploitable stored cross-site scripting vulnerability. network low complexity adobe CWE-79	6.1
2018-05-19	CVE-2018-4930	Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. network low complexity adobe CWE-79	6.1
2018-05-19	CVE-2018-4929	Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have an exploitable stored cross-site scripting vulnerability. network low complexity adobe CWE-79	6.1
2017-08-11	CVE-2017-3110	Information Exposure vulnerability in Adobe Experience Manager Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability. network low complexity adobe CWE-200	7.5
2017-08-11	CVE-2017-3108	Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Experience Manager Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. network low complexity adobe CWE-434 critical	9.8
2017-08-11	CVE-2017-3107	Information Exposure vulnerability in Adobe Experience Manager Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. network low complexity adobe CWE-200	7.5