CVE-2022-38438 – Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross- …

Vuln ID: CVE-2022-38438

Published:  2022-09-23  19:15:14Z

Description: Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. Exploitation of this issue requires low-privilege access to AEM.

Source: NVD.NIST.GOV