Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-12-15 CVE-2016-7884 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-7883 Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0
Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-7882 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-6934 Cross-site Scripting vulnerability in Adobe Experience Manager Forms and Livecycle
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-6933 Cross-site Scripting vulnerability in Adobe Experience Manager and Livecycle
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-11-08 CVE-2016-7851 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module.
network
low complexity
adobe CWE-79
6.1
2016-09-14 CVE-2016-4278 Unspecified vulnerability in Adobe Flash Player
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277.
network
low complexity
adobe
6.5
2016-09-14 CVE-2016-4277 Unspecified vulnerability in Adobe Flash Player
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
network
low complexity
adobe
6.5
2016-09-14 CVE-2016-4271 Unspecified vulnerability in Adobe Flash Player
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue.
network
low complexity
adobe
6.5
2016-08-09 CVE-2016-4253 Information Exposure vulnerability in Adobe Experience Manager
The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
adobe CWE-200
5.3