Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Experience Manager — Vulnerabilities & Security Advisories 104

All 104 CVE vulnerabilities found in Experience Manager, with AI-generated Chinese analysis, references, and POCs.

Vendor: Adobe Systems Incorporated

CVE IDTitleCVSSSeverityPublished
CVE-2022-30686 AEM Reflected XSS Arbitrary code execution CWE-79 5.4 Medium2022-09-16
CVE-2022-30682 AEM Reflected XSS Arbitrary code execution CWE-79 5.4 Medium2022-09-16
CVE-2022-30680 AEM Reflected XSS Arbitrary code execution CWE-79 5.4 -2022-09-16
CVE-2022-30685 AEM Reflected XSS Arbitrary code execution CWE-79 5.4 Medium2022-09-16
CVE-2022-30678 AEM Reflected XSS Arbitrary code execution CWE-79 5.4 -2022-09-16
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass CWE-657 5.3 -2022-09-16
CVE-2022-30677 AEM Reflected XSS Arbitrary code execution CWE-79 5.4 -2022-09-16
CVE-2022-35697 AEM File Upload Security Issue leading to RXSS CWE-79 5.4 Medium2022-08-09
CVE-2022-28820 Adobe Consulting Services Reflected Cross-Site Scripting Arbitrary Code Execution CWE-79 6.1 Medium2022-04-21
CVE-2021-43764 Adobe Experience Manager Stored XSS in the Spin Set CWE-79 8.0 High2022-01-13
CVE-2021-44176 Adobe Experience Manager Stored XSS in workflow Stages parameter CWE-79 8.1 High2022-01-13
CVE-2021-43761 Adobe Experience Manager Stored XSS on Edit Tag page via Localization input CWE-79 8.0 High2022-01-13
CVE-2021-44177 Adobe Experience Manager Stored XSS in user name parameter in the package manager CWE-79 8.1 High2022-01-13
CVE-2021-40722 AEM Forms Improper Restriction of XML External Entity Reference CWE-611 9.8 Critical2022-01-13
CVE-2021-43765 Adobe Experience Manager Stored XSS in the Carousel Set CWE-79 8.1 High2022-01-13
CVE-2021-44178 Adobe Experience Manager Reflected XSS in /bin/wcm/contentfinder/page/view.html CWE-79 5.4 Medium2022-01-13
CVE-2021-43762 Adobe Experience Manager Unicode normalization leads to dispatcher bypass CWE-20 6.5 Medium2022-01-13
CVE-2021-40712 Adobe Experience Manager Path parameter Improper Input Validation Could Lead To DOS CWE-20 6.5 Medium2021-09-27
CVE-2021-40714 Adobe Experience Manager Reflected Cross Site Scripting via accesskey parameter CWE-79 6.1 Medium2021-09-27
CVE-2021-40713 Adobe Experience Manager Improper Certificate Validation Could Lead to Man In The Middle Attack CWE-295 5.9 Medium2021-09-27
CVE-2021-40711 Adobe Experience Manager Stored Cross-Site Scripting Could Lead to Arbitrary Code Execution CWE-79 5.4 Medium2021-09-27
CVE-2021-28627 Adobe Experience Manager Server-side Request Forgery could lead to Security feature bypass CWE-918 5.4 Medium2021-08-24
CVE-2021-28628 Adobe Experience Manager Cross-site Scripting vulnerability in inbox render.jsp CWE-79 6.3 Medium2021-08-24
CVE-2021-28625 Adobe Experience Manager Cross-site Scripting vulnerability in inbox workitem.jsp CWE-79 6.3 Medium2021-08-24
CVE-2021-28626 Adobe Experience Manager Improper Authorization at /content/usergenerated CWE-285 3.7 Low2021-08-24
CVE-2021-21084 Adobe Experience Manager stored cross-site scripting vulnerability in resource resolver factory could lead to arbitrary code execution CWE-79 7.3 High2021-06-28
CVE-2021-21083 Adobe Experience Manager broken access control in DSRPReindexServlet could lead to denial-of-service CWE-284 7.5 High2021-06-28
CVE-2021-21043 Reflected Cross-site Scripting (XSS) on version-compare and page-compare tools CWE-79 6.1 Medium2021-02-02
CVE-2020-24444 Blind SSRF in Forms add-on for AEM CWE-918 5.8 Medium2020-12-10
CVE-2020-24445 Cross-site Scripting Vulnerability in Commenting Function of Adobe Experience Manager (AEM) CWE-79 9.0 Critical2020-12-10

All 104 known CVE vulnerabilities affecting Experience Manager with full Chinese analysis, references, and POCs where available.