Filtered by vendor Adobe Subscriptions
Filtered by product Experience Manager Subscriptions
Total 674 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-22271 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.3 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. A low-privileged attacker can exploit this in order to decrypt a user's password. The attack complexity is high since a successful exploitation requires to already have in possession this encrypted secret.
CVE-2023-22269 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22266 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22265 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22264 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22263 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22262 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22261 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22260 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22259 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22258 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22257 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22254 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22253 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22252 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-21616 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-21615 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44510 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44488 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 3.5 Low
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2022-44474 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 5.4 Medium
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.