CVE-2024-26044

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.19 and earlier

Description The issue exists due to inadequate protection of the webpage structure, allowing a remote attacker to exploit it and execute arbitrary code. This is a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage, resulting in the execution of malicious JavaScript in a victim's browser.

Recommendations For Adobe Experience Manager versions 6.5.19 and earlier, consider disabling the execution of scripts from untrusted sources as a temporary workaround until a patch is available. Restrict access to sensitive areas of the webpage to minimize the risk of exploitation. Avoid using the vulnerable script in the affected webpage until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.