Vulnerabilities > Adobe > Experience Manager

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-30682 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2022-09-16 CVE-2022-30683 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism in the backend .
network
high complexity
adobe
5.3
5.3
2022-09-16 CVE-2022-30684 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2022-09-16 CVE-2022-30685 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2022-09-16 CVE-2022-30686 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2022-09-16 CVE-2022-34218 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2022-09-16 CVE-2022-35664 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2022-01-13 CVE-2021-40722 XXE vulnerability in Adobe products
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE.
network
low complexity
adobe CWE-611
critical
 9.8
9.8
2022-01-13 CVE-2021-43761 Cross-site Scripting vulnerability in Adobe products
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
5.4
2022-01-13 CVE-2021-43762 Improper Input Validation vulnerability in Adobe products
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a dispatcher bypass vulnerability that could be abused to evade security controls.
network
low complexity
adobe CWE-20
6.5
6.5