Vulnerabilities > Adobe > Experience Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-29 | CVE-2018-12807 | Improper Input Validation vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an input validation bypass vulnerability. | 5.3 |
| 2018-08-29 | CVE-2018-12806 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. | 6.1 |
| 2018-07-20 | CVE-2018-5006 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-20 | CVE-2018-5004 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-20 | CVE-2018-12809 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-05-19 | CVE-2018-4931 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an exploitable stored cross-site scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4930 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4929 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have an exploitable stored cross-site scripting vulnerability. | 6.1 |
| 2018-02-27 | CVE-2018-4876 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.1.0/6.2.0/6.3.0 Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function. | 6.1 |
| 2018-02-27 | CVE-2018-4875 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.0.0/6.1.0 Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM. | 6.1 |