CVE-2017-3111
- EPSS 6.8%
- Veröffentlicht 09.12.2017 06:29:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances.
CVE-2017-11296
- EPSS 2.93%
- Veröffentlicht 09.12.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager.
CVE-2017-3107
- EPSS 6.8%
- Veröffentlicht 11.08.2017 19:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
CVE-2017-3108
- EPSS 8.62%
- Veröffentlicht 11.08.2017 19:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
CVE-2017-3110
- EPSS 5.25%
- Veröffentlicht 11.08.2017 19:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
CVE-2016-7885
- EPSS 3.45%
- Veröffentlicht 15.12.2016 06:59:49
- Zuletzt bearbeitet 06.05.2026 22:30:45
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.
CVE-2016-7884
- EPSS 2.62%
- Veröffentlicht 15.12.2016 06:59:48
- Zuletzt bearbeitet 06.05.2026 22:30:45
Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.
CVE-2016-7883
- EPSS 2.62%
- Veröffentlicht 15.12.2016 06:59:47
- Zuletzt bearbeitet 06.05.2026 22:30:45
Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.
CVE-2016-7882
- EPSS 2.64%
- Veröffentlicht 15.12.2016 06:59:46
- Zuletzt bearbeitet 06.05.2026 22:30:45
Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.
CVE-2016-6933
- EPSS 2%
- Veröffentlicht 15.12.2016 06:59:26
- Zuletzt bearbeitet 06.05.2026 22:30:45
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks.