Adobe Experience_manager

19 CVEs affecting Adobe Experience_manager. Latest disclosed: 2017-12-09. Critical: 1, High: 7.

Top CVEs affecting Adobe Experience_manager
CVE	Severity	Score	Published	Summary
`CVE-2017-3108`	Critical	`9.8`	2017-08-11	Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
`CVE-2016-7885`	High	`8.8`	2016-12-15	Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
`CVE-2017-3111`	High	`7.5`	2017-12-09	An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances.
`CVE-2017-3110`	High	`7.5`	2017-08-11	Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
`CVE-2017-3107`	High	`7.5`	2017-08-11	Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
`CVE-2016-0958`	High	`7.5`	2016-02-10	Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object.
`CVE-2016-0957`	High	`7.5`	2016-02-10	Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass d…
`CVE-2016-0956`	High	`7.5`	2016-02-10	The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive inf…
`CVE-2017-3109`	Medium	`6.1`	2017-12-09	An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Adobe Experience Manager has a reflected cross-site scripting vulnerability in the Html…
`CVE-2017-11296`	Medium	`6.1`	2017-12-09	An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been reso…
`CVE-2016-7884`	Medium	`6.1`	2016-12-15	Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.
`CVE-2016-7883`	Medium	`6.1`	2016-12-15	Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.
`CVE-2016-7882`	Medium	`6.1`	2016-12-15	Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.
`CVE-2016-6933`	Medium	`6.1`	2016-12-15	Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be us…
`CVE-2016-4170`	Medium	`6.1`	2016-08-09	Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML vi…
`CVE-2016-4168`	Medium	`6.1`	2016-08-09	Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via uns…
`CVE-2016-0955`	Medium	`6.1`	2016-02-10	Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a…
`CVE-2016-4253`	Medium	`5.3`	2016-08-09	The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors.
`CVE-2016-4169`	Medium	`5.3`	2016-08-09	Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors.