2024-12-04
Platform: Adobe Experience Manager
Version: 6.5.19 and earlier
Vulnerability: Stored Cross-Site Scripting (XSS)
Severity: MEDIUM
Date: March 18, 2024 (Published)
What Undercode Says:
This vulnerability allows attackers to inject malicious scripts into vulnerable forms on Adobe Experience Manager versions 6.5.19 and earlier. When a victim browses a page containing the malicious script, it can be executed in their browser, potentially leading to various attacks.
Analytics:
This vulnerability is rated as MEDIUM severity according to the CVSS v3 scoring system.
It affects Adobe Experience Manager versions 6.5.19 and earlier.
Attackers can exploit this vulnerability by injecting malicious scripts into vulnerable forms.
Successful exploitation could lead to code execution in the victim’s browser.
This vulnerability was published on March 18, 2024.
Recommendations:
Upgrade Adobe Experience Manager to version 6.5.20 or later.
Implement security best practices to prevent XSS vulnerabilities, such as properly sanitizing user input.
Note: This is a brief summary of the CVE-2024-26124 vulnerability. For more detailed information, please refer to the official CVE details or consult with a security professional.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help