CVE-2024-43745

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 10, 2024
Updated: Dec 17, 2024
CWE ID 79

Summary

CVE-2024-43745 is a reflected Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.21 and earlier. Malicious JavaScript code can be executed in a victim's browser if they visit a specially crafted URL referencing a vulnerable page. An attacker can exploit this vulnerability to steal sensitive information or take control of the victim's browser. Adobe urges users to update their software to the latest version to mitigate this risk. Unpatched systems remain vulnerable to XSS attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Experience Manager

Affected Vendors

  • Adobe