CVE-2022-30685

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.13.0 and earlier

Description The issue is related to a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker convinces a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. The vulnerability is also described as related to the lack of protection of the web page structure, which may allow a remote attacker to conduct cross-site scripting attacks using a specially crafted link.

Recommendations For Adobe Experience Manager versions 6.5.13.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.