Page 90 of 449 results (0.024 seconds)

CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Experience Manager 5.6.1, 6.0, 6.1 y 6.2 permite a atacantes remotos inyectar secuencia de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92378 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 3%CPEs: 7EXPL: 0

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. Dispatcher en versiones anteriores a 4.1.5 en Adobe Experience Manager 5.6.1, 6.0.0 y 6.1.0 no implementa correctamente un filtro URL, lo que permite a atacantes remotos eludir las normas del dispatcher a través de vectores no especificados. • https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object. Adobe Experience Manager 5.6.1, 6.0.0 y 6.1.0 podría permitir a atacantes remotos tener un impacto no especificado a través de un objeto Java serializado manipulado. • https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 2%CPEs: 7EXPL: 1

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors. El componente Servlets Post 2.3.6 en Apache Sling, como se utiliza en Adobe Experience Manager 5.6.1, 6.0.0 y 6.1.0, permite a atacantes remotos obtener información sensible a través de vectores no especificados. Apache Sling Framework version 2.3.6 suffers from an information disclosure vulnerability. • https://www.exploit-db.com/exploits/39435 http://packetstormsecurity.com/files/135720/Apache-Sling-Framework-2.3.6-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Feb/48 http://www.securityfocus.com/archive/1/537498/100/0/threaded https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •