CVSS 3.1 Score 5.4 of 10 (medium)


Published Dec 15, 2023
Updated: Dec 18, 2023


CVE-2023-48492 is a Cross-site Scripting (DOM-based XSS) vulnerability that affects Adobe Experience Manager versions 6.5.18 and earlier. This vulnerability can be exploited by a low-privileged attacker who convinces a victim to visit a URL referencing a vulnerable page, allowing malicious JavaScript content to be executed in the victim's browser. The affected products include YLUd9f, YLUd9e, YLUd9d, YLUd9c, YLUd9b, YLUd9a, YLUd9Z, RSDnYR, eNAlAl, and many others. The risk score for this vulnerability is 25 out of 100. To remediate the issue, it is recommended to update Adobe Experience Manager to version 6.5.19 or later. This vulnerability poses a medium-level danger to organizations as it could lead to unauthorized access or manipulation of sensitive data through the execution of malicious scripts in users' browsers.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-48492 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options