CVE-2024-26103

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.19 and earlier

Description The issue is related to a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this by convincing a victim to visit a specially crafted URL, potentially leading to the execution of malicious JavaScript content within the victim's browser context. The vulnerability exists due to inadequate protection of the web page structure, allowing a remote attacker to execute arbitrary JavaScript code using a specially crafted URL.

Recommendations For Adobe Experience Manager versions 6.5.19 and earlier, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to potentially vulnerable pages or implementing additional security measures to minimize the risk of malicious URL visits.