CVE-2024-20768

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Mar 18, 2024

CWE ID 79

Summary

CVE-2024-20768 is a stored Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.19 and prior. This issue permits an attacker to inject malicious scripts into vulnerable form fields. Successful exploitation can lead to the execution of malicious JavaScript in a victim's browser when they view the affected page. The vulnerability poses a significant risk due to its potential for widespread impact and the potential for attackers to steal sensitive user data or perform unauthorized actions. Adobe strongly recommends users upgrade to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/u2-3CS
https://www.cve.org/CVERecord?id=CVE-2024-20768
https://nvd.nist.gov/vuln/detail/CVE-2024-20768

Back to Vulnerability Database

CVE-2024-20768

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations