Stored XSS in AEM Forms component

Stammdaten

Kritikalität
CVE ID
CVE-2020-9734
Aktualisiert am:
2024-08-04T10:43:04.406Z
Veröffentlicht am:
2020-09-08T00:00:00
 

Betroffene Produkte

Hersteller:
Adobe
Produkt(e):
Experience Manager
Betroffene Version:
unspecified, unspecified, unspecified
 

Beschreibung

The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.1 (and below) is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field.
 

Referenzen

 

NIST-Link:


Copyright © 2024 · All Rights Reserved · https://www.tecxero.com | Impressum