Security Vulnerabilities, CVEs
CVE-2023-48623
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48622
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48621
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48620
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48619
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48618
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48617
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48616
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48615
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48614
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48613
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48612
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48611
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48610
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48609
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48608
Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Input Validation vulnerability. A low-privileged attacker could leverage this vulnerability to achieve a low-integrity impact within the application. Exploitation of this issue requires user interaction.
Max CVSS
3.5
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48607
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48606
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48605
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48604
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48603
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48602
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48601
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48600
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%
CVE-2023-48599
Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Max CVSS
5.4
Published
2023-12-15
Updated
2023-12-16
EPSS
0.05%