Vulnerabilities > Adobe > Experience Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-29 | CVE-2018-12806 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4931 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an exploitable stored cross-site scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4930 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4929 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have an exploitable stored cross-site scripting vulnerability. | 6.1 |
| 2018-02-27 | CVE-2018-4876 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.1.0/6.2.0/6.3.0 Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function. | 6.1 |
| 2018-02-27 | CVE-2018-4875 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.0.0/6.1.0 Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM. | 6.1 |
| 2017-12-09 | CVE-2017-3109 | Cross-site Scripting vulnerability in Adobe Experience Manager An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. | 6.1 |
| 2017-12-09 | CVE-2017-11296 | Cross-site Scripting vulnerability in Adobe Experience Manager An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. | 6.1 |
| 2016-12-15 | CVE-2016-7884 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7883 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0 Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks. | 6.1 |