CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-11296
https://notcve.org/view.php?id=CVE-2017-11296
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager. Se ha descubierto un problema en Adobe Experience Manager 6.3, 6.2, 6.1 y 6.0. Se ha resuelto una vulnerabilidad de Cross-Site Scripting en Apache Sling Servlets Post 2.3.20 en Adobe Experience Manager. • http://www.securityfocus.com/bid/101844 http://www.securitytracker.com/id/1039800 https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3107
https://notcve.org/view.php?id=CVE-2017-3107
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. Adobe Experience Manager 6.3 y anteriores tiene una vulnerabilidad de error de configuración. • http://www.securityfocus.com/bid/100188 http://www.securitytracker.com/id/1039099 https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-3108
https://notcve.org/view.php?id=CVE-2017-3108
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. Adobe Experience Manager 6.2 y anteriores tiene una vulnerabilidad de ejecución de archivos maliciosos. • http://www.securityfocus.com/bid/100195 http://www.securitytracker.com/id/1039099 https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-6933
https://notcve.org/view.php?id=CVE-2016-6933
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks. Adobe Experience Manager Forms en versión 6.2 y versiones anteriores, LiveCycle 11.0.1, LiveCycle 10.0.4 tienen un problema de validación de entrada en el AACComponent que puede ser utilizado en ataques de XSS. • http://www.securityfocus.com/bid/94867 http://www.securitytracker.com/id/1037465 https://helpx.adobe.com/security/products/aem-forms/apsb16-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7882
https://notcve.org/view.php?id=CVE-2016-7882
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. Adobe Experience Manager versión 6.2 y versiones anteriores tienen un problema de validación de entrada en el filtro MDebug que podría utilizarse en ataques de XSS. • http://www.securityfocus.com/bid/94869 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •