CVSS 3.1 Score 5.4 of 10 (medium)


Published Mar 18, 2024


CVE-2024-26080 is a DOM-based Cross-Site Scripting (XSS) vulnerability that affects Adobe Experience Manager versions 6.5.19 and earlier. This vulnerability allows attackers to inject malicious scripts into vulnerable web pages, potentially leading to the execution of malicious JavaScript in a victim's browser when they visit the affected page. The risk score for this vulnerability is 25, indicating a medium level of severity. The exploitability score is 2.3, and the base score is 5.4, both suggesting a relatively low level of difficulty for an attacker to exploit the vulnerability. It requires low privileges and user interaction, while the attack vector is through the network. The impact scores for integrity and confidentiality are both low, with no availability impact identified. Remediation measures to address this vulnerability should be provided by Adobe, and organizations using affected versions of Adobe Experience Manager should apply these updates promptly to mitigate any potential risks associated with this vulnerability.

Note: The information provided in this summary is based on the given text, but further details may be available from trusted sources such as Adobe or security advisories related to CVE-2024-26080.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-26080 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options