CVE-2023-48473

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 15, 2023

Updated: Dec 18, 2023

CWE ID 79

Summary

CVE-2023-48473 is a Cross-site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and prior. This DOM-based XSS issue allows an attacker, with low privileges, to manipulate a URL leading to the execution of malicious JavaScript code within the victim's browser when they visit the vulnerable page. This can potentially lead to data theft or unauthorized access. Users are encouraged to update their Adobe Experience Manager instances to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Experience Manager
Adobe Experience Manager AEM Cloud Service

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tcTbcT
https://www.cve.org/CVERecord?id=CVE-2023-48473
https://nvd.nist.gov/vuln/detail/CVE-2023-48473

Back to Vulnerability Database