CVE-2023-48477

Summary

CVE-2023-48477 is a Cross-site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and below. This DOM-based XSS issue allows a low-privileged attacker to inject malicious JavaScript code into a webpage, which can be executed in the victim's browser when they visit a specially crafted URL. Successful exploitation of this vulnerability could lead to data theft, session hijacking, or unauthorized actions on behalf of the victim. Users are strongly advised to update their Adobe Experience Manager instances to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.