CVE-2016-7884
https://notcve.org/view.php?id=CVE-2016-7884
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. Adobe Experience Manager versión 6.1 y versiones anteriores tienen un problema de validación de entrada en DAM create assets que podría utilizarse en ataques de XSS. • http://www.securityfocus.com/bid/94869 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7885
https://notcve.org/view.php?id=CVE-2016-7885
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. Adobe Experience Manager versión 6.2 y versiones anteriores tienen una vulnerabilidad que podría ser usada en ataques CSRF. • http://www.securityfocus.com/bid/94876 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2016-7882
https://notcve.org/view.php?id=CVE-2016-7882
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. Adobe Experience Manager versión 6.2 y versiones anteriores tienen un problema de validación de entrada en el filtro MDebug que podría utilizarse en ataques de XSS. • http://www.securityfocus.com/bid/94869 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-4168
https://notcve.org/view.php?id=CVE-2016-4168
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Experience Manager 5.6.1, 6.0 y 6.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92377 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-4253
https://notcve.org/view.php?id=CVE-2016-4253
The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors. La funcionalidad Backup en Adobe Experience Manager 5.6.1, 6.0, 6.1 y 6.2 permite a atacantes obtener información sensible a través de vectores no especificados. • http://www.securityfocus.com/bid/92380 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •