Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Adobe Subscribe
Total 6226 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-22269 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22268 2 Adobe, Microsoft 2 Robohelp Server, Windows 2024-11-21 N/A 6.5 MEDIUM
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction.
CVE-2023-22266 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22265 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22264 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22263 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22262 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22261 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22260 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22259 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22258 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22257 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22256 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
CVE-2023-22254 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22253 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22252 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2023-22251 1 Adobe 2 Commerce, Magento Open Source 2024-11-21 N/A 4.3 MEDIUM
Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability. A low-privileged authenticated attacker could leverage this vulnerability to achieve minor information disclosure.
CVE-2023-22250 1 Adobe 2 Commerce, Magento Open Source 2024-11-21 N/A 5.3 MEDIUM
Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.
CVE-2023-22249 1 Adobe 2 Commerce, Magento Open Source 2024-11-21 N/A 4.8 MEDIUM
Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2023-22248 1 Adobe 2 Commerce, Magento 2024-11-21 N/A 7.5 HIGH
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to leak another user's data. Exploitation of this issue does not require user interaction.