Vulnerabilities > Adobe > Experience Manager > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-20 CVE-2018-5004 Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability.
network
low complexity
adobe CWE-918
7.5
2018-07-20 CVE-2018-12809 Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability.
network
low complexity
adobe CWE-918
7.5
2017-12-09 CVE-2017-3111 Information Exposure vulnerability in Adobe Experience Manager 6.1.0/6.2.0
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0.
network
low complexity
adobe CWE-200
7.5
2017-08-11 CVE-2017-3110 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
network
low complexity
adobe CWE-200
7.5
2017-08-11 CVE-2017-3107 Information Exposure vulnerability in Adobe Experience Manager
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
network
low complexity
adobe CWE-200
7.5
2016-12-15 CVE-2016-7885 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
network
low complexity
adobe CWE-352
8.8
2016-02-10 CVE-2016-0958 Information Exposure vulnerability in Adobe Experience Manager 5.6.1/6.0.0/6.1.0
Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object.
network
low complexity
adobe CWE-200
7.5
2016-02-10 CVE-2016-0957 Unspecified vulnerability in Adobe Dispatcher and Experience Manager
Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.
network
low complexity
adobe
7.5
2016-02-10 CVE-2016-0956 Information Exposure vulnerability in multiple products
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
apache adobe CWE-200
7.5