CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,390 vulnerabilities with CWE-79
CVE-2024-52846 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52845 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52844 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52843 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52842 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52841 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52840 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52839 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52838 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52837 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52836 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52835 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52834 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52832 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52830 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52829 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52828 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52827 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52826 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52825 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52824 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52823 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52822 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - DOM-based Cross-Site Scripting via Crafted URL
CVSS 5.4
CVE-2024-52818 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2024-52817 MEDIUM
Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
Details
Vulnerabilities 45,390
Exploit Likelihood High