CVE-2024-43712

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.21 and earlier

Description The issue is a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. This occurs when data from a user-controllable source is improperly sanitized before being used in the Document Object Model (DOM) of a web page, leading to the execution of malicious scripts. Exploitation requires user interaction, such as tricking a victim into clicking a link or navigating to a malicious website.

Recommendations For Adobe Experience Manager versions 6.5.21 and earlier, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.