CVE-2024-43720

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.21 and earlier

Description The issue is related to insufficient protection of the web page structure in Adobe Experience Manager, which could allow a remote attacker to execute arbitrary code. This is a DOM-based Cross-Site Scripting (XSS) vulnerability that can be exploited by manipulating the DOM environment in the victim's browser, allowing an attacker to inject malicious scripts that are executed by the victim's browser. Exploitation of this issue requires user interaction, typically in the form of following a malicious link.

Recommendations For Adobe Experience Manager versions 6.5.21 and earlier, update to a version later than 6.5.21 to resolve the issue. As a temporary workaround, consider restricting user interaction with potentially malicious links to minimize the risk of exploitation. Additionally, be cautious when following links from untrusted sources to avoid potential attacks.