CVE-2023-48505

Summary

CVE-2023-48505 is a stored Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and prior. This issue allows a low-privileged attacker to inject malicious scripts into vulnerable form fields. By exploiting this flaw, an adversary can execute malicious JavaScript in a victim's browser when they visit a page containing the compromised form field. This vulnerability poses a significant risk, as it can lead to information theft, unauthorized account access, or even the installation of malware on users' machines. It is strongly recommended that affected organizations apply the appropriate patches or mitigations to protect against this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.