CVE-2023-48594

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 15, 2023

Updated: Dec 16, 2023

CWE ID 79

Summary

CVE-2023-48594 is a stored Cross-Site Scripting (XSS) vulnerability that affects Adobe Experience Manager versions 6.5.18 and older. This issue allows a low-privileged attacker to inject malicious scripts into vulnerable form fields. Successful exploitation results in the execution of malicious JavaScript in a victim's browser when they visit the affected webpage. This vulnerability poses a significant security risk, as unintended code execution can lead to data theft, unauthorized access, or other malicious activities. Users are strongly encouraged to apply the available patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Adobe Experience Manager

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners