Adobe Experience Manager Improper Authorization at /content/usergenerated

Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by an Improper Authorization vulnerability allowing users to create nodes under a location. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue does not require user interaction.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

授权机制不恰当

Adobe Experience Manager 安全漏洞

Adobe Experience Manager（AEM）是美国奥多比（Adobe）公司的一套可用于构建网站、移动应用程序和表单的内容管理解决方案。该方案支持移动内容管理、营销销售活动管理和多站点管理等。 Adobe Experience Manager 存在安全漏洞，该漏洞源于程序存在一个未指明的错误， 远程未经身份验证的攻击者可以绕过授权过程而获得对应用程序的非法访问。以下产品和版本受到影响: Adobe Experience Manager 6.0, 6.0 HOTFIX 25133, 6.1, 6

N/A

N/A