CVE-2016-7882

6.1MEDIUM

Key Information:

Vendor: Adobe
Status: Adobe Experience Manager 6.2 And Earlier
Vendor: CVE Published:; 15 December 2016

Summary

Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.

Affected Version(s)

Adobe Experience Manager 6.2 and earlier Adobe Experience Manager 6.2 and earlier

References

http://www.securitytracker.com/id/1037464

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/94869

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/experience-mana...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 15, 2016
Vulnerability Reserved
Sep 9, 2016