Vulnerabilities > Adobe > Experience Manager > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-25 CVE-2019-8086 XXE vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability.
network
low complexity
adobe CWE-611
7.5
7.5
2019-10-25 CVE-2019-8082 XXE vulnerability in Adobe Experience Manager 6.2/6.3/6.4
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability.
network
low complexity
adobe CWE-611
7.5
7.5
2019-10-25 CVE-2019-8081 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability.
network
low complexity
adobe
7.5
7.5
2018-07-20 CVE-2018-5006 Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability.
network
low complexity
adobe CWE-918
7.5
7.5
2018-07-20 CVE-2018-5004 Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability.
network
low complexity
adobe CWE-918
7.5
7.5
2018-07-20 CVE-2018-12809 Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability.
network
low complexity
adobe CWE-918
7.5
7.5
2017-12-09 CVE-2017-3111 Information Exposure vulnerability in Adobe Experience Manager 6.1.0/6.2.0
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-200
7.5
7.5
2017-08-11 CVE-2017-3110 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
network
low complexity
adobe CWE-200
7.5
7.5
2017-08-11 CVE-2017-3107 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
network
low complexity
adobe CWE-200
7.5
7.5
2016-12-15 CVE-2016-7885 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
network
low complexity
adobe CWE-352
8.8
8.8