CVE-2024-26080

Summary

CVE-2024-26080 is a DOM-based Cross-Site Scripting (XSS) vulnerability that affects Adobe Experience Manager versions 6.5.19 and earlier. This vulnerability allows attackers to inject malicious scripts into vulnerable web pages, potentially leading to the execution of malicious JavaScript in a victim's browser when they visit the affected page. The risk score for this vulnerability is 25, indicating a medium level of severity. The exploitability score is 2.3, and the base score is 5.4, both suggesting a relatively low level of difficulty for an attacker to exploit the vulnerability. It requires low privileges and user interaction, while the attack vector is through the network. The impact scores for integrity and confidentiality are both low, with no availability impact identified. Remediation measures to address this vulnerability should be provided by Adobe, and organizations using affected versions of Adobe Experience Manager should apply these updates promptly to mitigate any potential risks associated with this vulnerability. Note: The information provided in this summary is based on the given text, but further details may be available from trusted sources such as Adobe or security advisories related to CVE-2024-26080.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.