CVE-2023-48498
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2023-48498 is a reflected Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and earlier. This issue allows a low-privileged attacker to execute malicious JavaScript code in a victim's browser by convincing them to visit a specially crafted URL linked to a vulnerable page. Successful exploitation could lead to unintended actions, such as session hijacking or data theft, within the context of the affected website. It is recommended that users upgrade to the latest version of Adobe Experience Manager to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Experience Manager
- Adobe Experience Manager AEM Cloud Service
Affected Vendors
- Adobe