CVE-2024-20779

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Apr 10, 2024

CWE ID 79

Summary

CVE-2024-20779 is a stored Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager versions 6.5.19 and earlier. This issue enables attackers to inject malicious scripts into vulnerable form fields. Successful exploitation allows the execution of malicious JavaScript in a victim's browser when they visit a page containing the affected form. The vulnerability poses a significant risk, as it can lead to data theft, unauthorized account access, and other malicious activities. Users are encouraged to update their Adobe Experience Manager installation to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vS6Abw
https://www.cve.org/CVERecord?id=CVE-2024-20779
https://nvd.nist.gov/vuln/detail/CVE-2024-20779

Back to Vulnerability Database

CVE-2024-20779

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations