CVE-2024-52822

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 10, 2024
Updated: Dec 18, 2024
CWE ID 79

Summary

CVE-2024-52822 is a DOM-based Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.21 and prior. An attacker can potentially execute arbitrary code in a victim's browser session by manipulating a DOM element through a specially crafted URL or user input. The exploitation of this vulnerability requires user interaction, meaning the victim must access the manipulated URL or page containing the malicious script. This issue could lead to data theft, unauthorized access, or other malicious activities. Users are advised to update their Adobe Experience Manager installations to the latest version to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Experience Manager

Affected Vendors

  • Adobe