CVE-2017-3067
https://notcve.org/view.php?id=CVE-2017-3067
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms. Adobe Experience Manager Forms versiones 6.2, 6.1, 6.0, presenta una vulnerabilidad de divulgación de información resultante de la violación del servicio pre-population en formularios AEM. • http://www.securityfocus.com/bid/98348 http://www.securitytracker.com/id/1038428 https://helpx.adobe.com/security/products/aem-forms/apsb17-16.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-6934
https://notcve.org/view.php?id=CVE-2016-6934
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks. Adobe Experience Manager Forms en versión 6.2 y versiones anteriores, LiveCycle 11.0.1, LiveCycle 10.0.4 tienen un problema de validación de entrada en el módulo PMAdmin que puede ser utilizado en ataques de XSS. • http://www.securityfocus.com/bid/94867 http://www.securitytracker.com/id/1037465 https://helpx.adobe.com/security/products/aem-forms/apsb16-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •