CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7884
https://notcve.org/view.php?id=CVE-2016-7884
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. Adobe Experience Manager versión 6.1 y versiones anteriores tienen un problema de validación de entrada en DAM create assets que podría utilizarse en ataques de XSS. • http://www.securityfocus.com/bid/94869 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7885
https://notcve.org/view.php?id=CVE-2016-7885
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. Adobe Experience Manager versión 6.2 y versiones anteriores tienen una vulnerabilidad que podría ser usada en ataques CSRF. • http://www.securityfocus.com/bid/94876 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4170
https://notcve.org/view.php?id=CVE-2016-4170
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Experience Manager 5.6.1, 6.0, 6.1 y 6.2 permite a atacantes remotos inyectar secuencia de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92378 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 3EXPL: 0CVE-2016-4168
https://notcve.org/view.php?id=CVE-2016-4168
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Experience Manager 5.6.1, 6.0 y 6.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92377 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4169
https://notcve.org/view.php?id=CVE-2016-4169
Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors. Adobe Experience Manager 6.0, 6.1 y 6.2 permiten a atacantes obtener información de eventos de registro de auditoría sensible a través de vectores no especificados. • http://www.securityfocus.com/bid/92382 http://www.securitytracker.com/id/1036563 https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •