CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4170
https://notcve.org/view.php?id=CVE-2016-4170
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Experience Manager 5.6.1, 6.0, 6.1 y 6.2 permite a atacantes remotos inyectar secuencia de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92378 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 3EXPL: 0CVE-2016-4168
https://notcve.org/view.php?id=CVE-2016-4168
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Experience Manager 5.6.1, 6.0 y 6.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92377 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4169
https://notcve.org/view.php?id=CVE-2016-4169
Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors. Adobe Experience Manager 6.0, 6.1 y 6.2 permiten a atacantes obtener información de eventos de registro de auditoría sensible a través de vectores no especificados. • http://www.securityfocus.com/bid/92382 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4253
https://notcve.org/view.php?id=CVE-2016-4253
The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors. La funcionalidad Backup en Adobe Experience Manager 5.6.1, 6.0, 6.1 y 6.2 permite a atacantes obtener información sensible a través de vectores no especificados. • http://www.securityfocus.com/bid/92380 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 2%CPEs: 7EXPL: 1CVE-2016-0956 – Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure
https://notcve.org/view.php?id=CVE-2016-0956
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors. El componente Servlets Post 2.3.6 en Apache Sling, como se utiliza en Adobe Experience Manager 5.6.1, 6.0.0 y 6.1.0, permite a atacantes remotos obtener información sensible a través de vectores no especificados. Apache Sling Framework version 2.3.6 suffers from an information disclosure vulnerability. • https://www.exploit-db.com/exploits/39435 http://packetstormsecurity.com/files/135720/Apache-Sling-Framework-2.3.6-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Feb/48 http://www.securityfocus.com/archive/1/537498/100/0/threaded https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •