First published: Mon Dec 19 2022(Updated: )
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Credit: psirt@adobe.com psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Experience Manager | <6.5.15.0 | |
Adobe Experience Manager Cloud Service | <2022.10.0 | |
<6.5.15.0 | ||
<2022.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
An attacker can exploit the vulnerability by convincing a victim to visit a URL referencing a vulnerable page, where malicious JavaScript content may be executed.
The severity of the CVE-2022-44471 vulnerability is medium, with a severity value of 5.4.
Adobe Experience Manager version 6.5.14 (and earlier) and Adobe Experience Manager Cloud Service version 2022.10.0 (and earlier) are affected by the vulnerability.
You can find more information about the CVE-2022-44471 vulnerability at the following reference: https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html