CVE-2024-43713

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.21 and earlier

Description A DOM-based Cross-Site Scripting (XSS) issue affects Adobe Experience Manager, allowing an attacker to execute arbitrary code in the context of the victim's browser session. This is achieved by manipulating a DOM element through a crafted URL or user input, enabling the injection of malicious scripts that run when the page is rendered. The attack requires user interaction, as the victim must access a manipulated URL or page with the malicious script.

Recommendations For Adobe Experience Manager versions 6.5.21 and earlier, update to a version later than 6.5.21 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.