Skip to main content
CVE-2023-48454 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48453 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48452 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48451 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48450 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48449 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48448 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48447 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48446 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48445 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48444 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager Experience Manager Cloud Service
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48443 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48442 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-48440 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-47065 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Adobe XSS Experience Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-47064 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe XSS Experience Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-50266 MEDIUM PATCH This Month

Bazarr manages and downloads subtitles. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Bazarr
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-6839 MEDIUM This Month

Due to improper error handling, a REST API resource could expose a server side error containing an internal WSO2 specific package name in the HTTP response. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Api Manager
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-48441 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Access Control vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe Authentication Bypass Experience Manager
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-6835 MEDIUM This Month

Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API rating could be manipulated. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Api Manager Iot Server
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-48379 MEDIUM This Month

Softnext Mail SQR Expert is an email management platform, it has inadequate filtering for a specific URL parameter within a specific function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Mail Sqr Expert
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-30867 MEDIUM PATCH This Month

In the Streampark platform, when users log in to the system and use certain features, some pages provide a name-based fuzzy search, such as job names, role names, etc. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Streampark
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-49188 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Track Geolocation Of Users Using Contact Form 7
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-27317 MEDIUM This Month

ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ontap
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2023-49197 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.4.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Dofollow Case By Case
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-49749 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in SureTriggers SureTriggers - Connect All Your Plugins, Apps, Tools & Automate Everything!.0.23. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Suretriggers
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-5061 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-50871 MEDIUM This Month

In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Youtrack
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-48393 MEDIUM This Month

Kaifa Technology WebITR is an online attendance system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Webitr Attendance System
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-36878 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
0.9%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy