Vulnerabilities > Adobe > Experience Manager > 6.0.0

DATE CVE VULNERABILITY TITLE RISK
2018-02-27 CVE-2018-4875 Cross-site Scripting vulnerability in Adobe Experience Manager 6.0.0/6.1.0
Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM.
network
low complexity
adobe CWE-79
6.1
2017-12-09 CVE-2017-3109 Cross-site Scripting vulnerability in Adobe Experience Manager
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-79
6.1
2017-12-09 CVE-2017-11296 Cross-site Scripting vulnerability in Adobe Experience Manager
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-79
6.1
2017-08-11 CVE-2017-3110 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
network
low complexity
adobe CWE-200
7.5
2017-08-11 CVE-2017-3108 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
network
low complexity
adobe CWE-434
critical
9.8
2017-08-11 CVE-2017-3107 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
network
low complexity
adobe CWE-200
7.5
2016-12-15 CVE-2016-7885 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
network
low complexity
adobe CWE-352
8.8
2016-12-15 CVE-2016-7884 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-7882 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-6933 Cross-site Scripting vulnerability in Adobe Experience Manager and Livecycle
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1