← voltar
CVE-2024-36151

Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

CVSS 5.4 MEDIUMEPSS 0.7%CWE-79
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.4EPSS 0.7%KEV nãoPoC Patch referenciado
Ciclo de vida
13 jun 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires user interaction, as the victim needs to visit a web page with a maliciously crafted script.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Produtos afetados
Adobe · Adobe Experience Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://helpx.adobe.com/security/products/experience-manager/apsb24-28.html