Vulnerabilities > Adobe > Experience Manager > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-20 | CVE-2018-5004 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. | 7.5 |
2018-07-20 | CVE-2018-12809 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
2017-12-09 | CVE-2017-3111 | Information Exposure vulnerability in Adobe Experience Manager 6.1.0/6.2.0 An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. | 7.5 |
2017-08-11 | CVE-2017-3110 | Information Exposure vulnerability in Adobe Experience Manager Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability. | 7.5 |
2017-08-11 | CVE-2017-3107 | Information Exposure vulnerability in Adobe Experience Manager Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. | 7.5 |
2016-12-15 | CVE-2016-7885 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. | 8.8 |
2016-02-10 | CVE-2016-0958 | Information Exposure vulnerability in Adobe Experience Manager 5.6.1/6.0.0/6.1.0 Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object. | 7.5 |
2016-02-10 | CVE-2016-0957 | Unspecified vulnerability in Adobe Dispatcher and Experience Manager Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. | 7.5 |
2016-02-10 | CVE-2016-0956 | Information Exposure vulnerability in multiple products The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |