CVE-2024-43719
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2024-43719 is a DOM-based Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.21 and prior. This issue allows attackers to inject malicious scripts into a victim's browser session by manipulating a DOM element through a crafted URL or user input. Successful exploitation of this vulnerability requires user interaction, as the victim must access the manipulated URL or input the tainted data for the malicious scripts to run. Attackers can use this vulnerability to steal sensitive information, install malware, or perform other malicious actions in the context of the victim's browser session. This issue poses a significant risk to organizations using the affected versions of Adobe Experience Manager and highlights the importance of keeping software up-to-date to protect against known vulnerabilities.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Experience Manager
Affected Vendors
- Adobe