AEM Forms Improper Restriction of XML External Entity Reference

Stammdaten

Kritikalität
CVE ID
CVE-2021-40722
Aktualisiert am:
2024-09-16T22:10:35.865Z
Veröffentlicht am:
2022-01-13T20:27:18.222810Z
 

Betroffene Produkte

Hersteller:
Adobe
Produkt(e):
Experience Manager
Betroffene Version:
unspecified, unspecified
 

Beschreibung

AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE.
 

Referenzen

https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html
 

NIST-Link:

https://nvd.nist.gov/vuln/detail/CVE-2021-40722

Copyright © 2024 · All Rights Reserved · https://www.tecxero.com | Impressum