CVE-2023-48489

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 15, 2023

Updated: Dec 18, 2023

CWE ID 79

Summary

CVE-2023-48489 is a Cross-site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and earlier. This issue allows a low-privileged attacker to execute malicious JavaScript content within the victim's browser by convincing them to visit a specially crafted URL referencing a vulnerable page. Successful exploitation could lead to information disclosure or unauthorized actions on behalf of the victim. Upgrading to a patched version is strongly recommended to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Experience Manager
Adobe Experience Manager AEM Cloud Service

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tcTjKS
https://www.cve.org/CVERecord?id=CVE-2023-48489
https://nvd.nist.gov/vuln/detail/CVE-2023-48489

Back to Vulnerability Database