First published: Mon Dec 19 2022(Updated: )
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
Credit: psirt@adobe.com psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Experience Manager | <6.5.15.0 | |
Adobe Experience Manager Cloud Service | <2022.10.0 | |
<6.5.15.0 | ||
<2022.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-44488.
The severity of CVE-2022-44488 is medium with a CVSS score of 5.4.
Adobe Experience Manager version 6.5.14 (and earlier) and Adobe Experience Manager Cloud Service up to version 2022.10.0 are affected by CVE-2022-44488.
An attacker with low privileges could use this vulnerability to redirect users to malicious websites.
Yes, exploitation of CVE-2022-44488 requires user interaction.