Vulnerabilities > Adobe > Experience Manager

DATE CVE VULNERABILITY TITLE RISK
2017-12-09 CVE-2017-3111 Information Exposure vulnerability in Adobe Experience Manager 6.1.0/6.2.0
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-200
7.5
7.5
2017-12-09 CVE-2017-3109 Cross-site Scripting vulnerability in Adobe Experience Manager
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-79
6.1
6.1
2017-12-09 CVE-2017-11296 Cross-site Scripting vulnerability in Adobe Experience Manager
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-79
6.1
6.1
2017-08-11 CVE-2017-3110 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
network
low complexity
adobe CWE-200
7.5
7.5
2017-08-11 CVE-2017-3108 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
network
low complexity
adobe CWE-434
critical
 9.8
9.8
2017-08-11 CVE-2017-3107 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
network
low complexity
adobe CWE-200
7.5
7.5
2016-12-15 CVE-2016-7885 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
network
low complexity
adobe CWE-352
8.8
8.8
2016-12-15 CVE-2016-7884 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
6.1
2016-12-15 CVE-2016-7883 Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0
Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
6.1
2016-12-15 CVE-2016-7882 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
6.1