Vulnerabilities > Adobe > Experience Manager > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-24 | CVE-2021-28626 | Unspecified vulnerability in Adobe Experience Manager Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by an Improper Authorization vulnerability allowing users to create nodes under a location. | 7.5 |
| 2021-08-24 | CVE-2021-28627 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Server-side Request Forgery. | 8.8 |
| 2020-09-10 | CVE-2020-9733 | Improper Privilege Management vulnerability in Adobe Experience Manager An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. | 7.5 |
| 2020-06-12 | CVE-2020-9645 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. | 7.5 |
| 2020-06-12 | CVE-2020-9643 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. | 7.5 |
| 2020-03-25 | CVE-2020-3769 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. | 7.5 |
| 2020-02-13 | CVE-2020-3741 | Resource Exhaustion vulnerability in Adobe Experience Manager 6.4/6.5 Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. | 7.5 |
| 2020-01-15 | CVE-2019-16469 | Expression Language Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. | 7.5 |
| 2020-01-15 | CVE-2019-16468 | Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. | 7.5 |
| 2019-10-25 | CVE-2019-8087 | XXE vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. | 7.5 |