Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2024-52992

5.4MEDIUM

Key Information:

Vendor: Adobe
Status: Experience Manager
Vendor: CVE Published:; 10 December 2024

What is CVE-2024-52992?

Adobe Experience Manager has a vulnerability where versions 6.5.21 and earlier are susceptible to a stored Cross-Site Scripting (XSS) attack. This vulnerability allows attackers to inject malicious JavaScript into form fields, potentially leading to unauthorized actions being performed on behalf of users. When a user interacts with a page containing an affected form field, the injected scripts can be executed within their browser. This can result in data theft, session hijacking, or other malicious actions, making it critical for users of affected versions to apply security updates or mitigations as soon as possible. For detailed information and recommended actions, refer to the official Adobe security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://helpx.adobe.com/security/products/experience-mana...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 10, 2024

JSON

Adobe

What is CVE-2024-52992?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.