CVE-2023-48589

Summary

CVE-2023-48589 is a Cross-site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.18 and older. This issue is DOM-based, meaning it exploits weaknesses in the handling of untrusted user input within the browser. If an attacker successfully convinces a user to visit a malicious URL referencing a vulnerable page, they can execute malicious JavaScript code within the user's browser context. This could lead to unauthorized access, information disclosure, or other forms of attack. Users are advised to update their Adobe Experience Manager installations to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.