CVE-2024-43719

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 10, 2024
Updated: Dec 17, 2024
CWE ID 79

Summary

CVE-2024-43719 is a DOM-based Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.21 and prior. This issue allows attackers to inject malicious scripts into a victim's browser session by manipulating a DOM element through a crafted URL or user input. Successful exploitation of this vulnerability requires user interaction, as the victim must access the manipulated URL or input the tainted data for the malicious scripts to run. Attackers can use this vulnerability to steal sensitive information, install malware, or perform other malicious actions in the context of the victim's browser session. This issue poses a significant risk to organizations using the affected versions of Adobe Experience Manager and highlights the importance of keeping software up-to-date to protect against known vulnerabilities.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Experience Manager

Affected Vendors

  • Adobe