BID:106678

Adobe Experience Manager CVE-2018-19727 Cross Site Scripting Vulnerability

CVE-2018-19727 |

Info

Adobe Experience Manager CVE-2018-19727 Cross Site Scripting Vulnerability

Bugtraq ID:	106678
Class:	Input Validation Error
CVE:	CVE-2018-19727
Remote:	Yes
Local:	No
Published:	Jan 22 2019 12:00AM
Updated:	Jan 22 2019 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	Adobe Experience Manager 6.4 Adobe Experience Manager 6.3

Not Vulnerable:

Exploit / POC

Adobe Experience Manager CVE-2018-19727 Cross Site Scripting Vulnerability

To exploit this issue, the attacker needs to entice a user into following a malicious URI.

Solution / Fix

Adobe Experience Manager CVE-2018-19727 Cross Site Scripting Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

Adobe Experience Manager CVE-2018-19727 Cross Site Scripting Vulnerability

References:

Adobe Experience Manager AEM releases and updates (Adobe)
Adobe Homepage (Adobe)
APSB19-09: Security updates available for Adobe Experience Manager (Adobe)