CVE-2024-52822
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2024-52822 is a DOM-based Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.21 and prior. An attacker can potentially execute arbitrary code in a victim's browser session by manipulating a DOM element through a specially crafted URL or user input. The exploitation of this vulnerability requires user interaction, meaning the victim must access the manipulated URL or page containing the malicious script. This issue could lead to data theft, unauthorized access, or other malicious activities. Users are advised to update their Adobe Experience Manager installations to the latest version to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Experience Manager
Affected Vendors
- Adobe