CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30678 – AEM Reflected XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-30678
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. Adobe Experience Manager versiones 6.5.13.0 (y anteriores), están afectadas por una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado. Si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, puede ejecutarse contenido JavaScript malicioso en el contexto del navegador de la víctima. • https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30677 – AEM Reflected XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-30677
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. Adobe Experience Manager versiones 6.5.13.0 (y anteriores), están afectadas por una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado. Si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, puede ejecutarse contenido JavaScript malicioso en el contexto del navegador de la víctima. • https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28852 – Adobe InDesign 2022 Out-of-Bound Write Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-28852
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb22-50.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28853 – Adobe InDesign 2022 Out-of-Bound Write Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-28853
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb22-50.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 46%CPEs: 4EXPL: 0CVE-2022-38434 – Adobe Photoshop SVG File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38434
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/photoshop/apsb22-52.html • CWE-416: Use After Free •