Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2021-43761 | Cross-site Scripting vulnerability in Adobe products AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 5.4 |
| 2022-01-13 | CVE-2021-43762 | Improper Input Validation vulnerability in Adobe products AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a dispatcher bypass vulnerability that could be abused to evade security controls. | 6.5 |
| 2022-01-13 | CVE-2021-43764 | Cross-site Scripting vulnerability in Adobe products AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 5.4 |
| 2022-01-13 | CVE-2021-43765 | Cross-site Scripting vulnerability in Adobe products AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2022-01-13 | CVE-2021-44176 | Cross-site Scripting vulnerability in Adobe products AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2022-01-13 | CVE-2021-44177 | Cross-site Scripting vulnerability in Adobe products AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2022-01-13 | CVE-2021-44178 | Cross-site Scripting vulnerability in Adobe products AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a reflected Cross-Site Scripting (XSS) vulnerability via the itemResourceType parameter. | 6.1 |
| 2022-01-13 | CVE-2021-45054 | Use After Free vulnerability in Adobe Incopy 15.1.3/16.0/16.4 Adobe InCopy version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. | 5.5 |
| 2021-12-20 | CVE-2021-43746 | Access of Uninitialized Pointer vulnerability in Adobe Premiere Rush 1.5.12/1.5.16/1.5.8 Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. | 5.5 |
| 2021-12-20 | CVE-2021-43748 | NULL Pointer Dereference vulnerability in Adobe Premiere Rush 1.5.12/1.5.16/1.5.8 Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. | 5.5 |