CVE-2023-48570

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 15, 2023

Updated: Dec 16, 2023

CWE ID 79

Summary

CVE-2023-48570 refers to a stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager versions 6.5.18 and below. This issue allows a low-privileged attacker to inject malicious scripts into form fields, which can be executed in a victim's browser when they access the affected page. The vulnerability poses a significant risk, as it enables attackers to steal sensitive information or carry out further exploits. Adobe strongly recommends that affected organizations upgrade to a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Experience Manager

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tcTbcx
https://www.cve.org/CVERecord?id=CVE-2023-48570
https://nvd.nist.gov/vuln/detail/CVE-2023-48570

Back to Vulnerability Database