nvd-json-data-feeds/CVE-2024/CVE-2024-539xx/CVE-2024-53974.json

{
  "id": "CVE-2024-53974",
  "sourceIdentifier": "psirt@adobe.com",
  "published": "2025-02-19T18:15:23.543",
  "lastModified": "2025-03-04T14:04:30.393",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
    },
    {
      "lang": "es",
      "value": "Las versiones de Adobe Experience Manager 6.5.21 y anteriores se ven afectadas por una vulnerabilidad Cross-Site Scripting (XSS) Almacenado que podr\u00eda ser abusada por un atacante de bajo privilegiado para inyectar scripts maliciosos en campos de forma vulnerables. JavaScript malicioso puede ejecutarse en el navegador de una v\u00edctima cuando navegan a la p\u00e1gina que contiene el campo vulnerable."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "psirt@adobe.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@adobe.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*",
              "versionEndExcluding": "6.5.22.0",
              "matchCriteriaId": "4A30C141-E776-4D0C-8F40-17C9560BF2A3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*",
              "versionEndExcluding": "2024.11.0",
              "matchCriteriaId": "32D69634-ED91-469C-B4C8-FE1E942DCCE4"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html",
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}