Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-52837 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access the manipulated URL or input for the exploit to execute.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52836 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52835 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52834 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52833 |
Description: Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52832 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52830 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52829 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52828 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|
|
CVE-2024-52827 |
Description: Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)
|