CVE-2023-48487

Summary

CVE-2023-48487 is a Cross-site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and earlier. This issue is DOM-based, meaning it exploits weaknesses in the way web applications handle data within the browser. A low-privileged attacker can take advantage of this flaw by crafting a malicious URL. If a victim visits this URL while on a vulnerable page, the attacker's malicious JavaScript code will be executed within the victim's browser, potentially leading to unauthorized actions or data theft.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.