CVE-2016-6934

6.1MEDIUM

Key Information:

Vendor
Adobe
Status
Adobe Experience Manager Forms 6.2 And Earlier, Livecycle 11.0.1, Livecycle 10.0.4
Vendor
CVE Published:
15 December 2016

Summary

Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks.

Affected Version(s)

Adobe Experience Manager Forms 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 Adobe Experience Manager Forms 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4

References

http://www.securityfocus.com/bid/94867
vdb-entryx_refsource_BID
https://helpx.adobe.com/security/products/aem-forms/apsb1...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037465
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.