CVE-2024-43722

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 10, 2024

Updated: Dec 17, 2024

CWE ID 79

Summary

CVE-2024-43722 is a DOM-based Cross-Site Scripting (XSS) vulnerability that affects Adobe Experience Manager versions 6.5.21 and older. This issue allows an attacker to inject malicious scripts into a victim's browser session by manipulating a DOM element through a crafted URL or user input. The attacker requires user interaction, meaning the victim must access the manipulated URL or input the malicious data for the script to execute. Successful exploitation could lead to the execution of arbitrary code in the victim's browser.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Experience Manager

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xyQOqn
https://www.cve.org/CVERecord?id=CVE-2024-43722
https://nvd.nist.gov/vuln/detail/CVE-2024-43722

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners