Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2018-12806

6.1MEDIUM

Key Information:

Vendor

Adobe
Status
Adobe Experience Manager Versions 6.4, 6.3, 6.2, 6.1, And 6.0
Vendor
CVE Published:
29 August 2018

What is CVE-2018-12806?

Adobe Experience Manager versions 6.0 to 6.4 are susceptible to a reflected cross-site scripting vulnerability that could allow an attacker to execute malicious scripts in the context of a user's session. This vulnerability can lead to the unauthorized disclosure of sensitive information, making it crucial for users to apply security updates and conduct thorough security assessments to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Adobe Experience Manager 6.4, 6.3, 6.2, 6.1, and 6.0 Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0

References

https://helpx.adobe.com/security/products/experience-mana...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041470
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/105067
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.