Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Forms
CVE-2019-8089

6.1MEDIUM

Key Information:

Vendor

Adobe
Status
Adobe Experience Manager Forms
Vendor
CVE Published:
22 October 2019

What is CVE-2019-8089?

Adobe Experience Manager Forms versions 6.3 to 6.5 are susceptible to a reflected cross-site scripting vulnerability. When exploited, this issue could allow an attacker to inject malicious scripts into web pages viewed by unsuspecting users. Such exploitation may lead to unauthorized access to sensitive information, posing a risk to user data and privacy.

Affected Version(s)

Adobe Experience Manager Forms Adobe Experience Manager Forms versions 6.3-6.5

References

https://helpx.adobe.com/security/products/aem-forms/apsb1...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.