漏洞描述
Adobe Experience Manager(AEM)是美国奥多比(Adobe)公司的一套可用于构建网站、移动应用程序和表单的内容管理解决方案。该方案支持移动内容管理、营销销售活动管理和多站点管理等。 Adobe Experience Manager 6.5.20版本及之前版本存在跨站脚本漏洞,该漏洞源于包含一个基于DOM的跨站脚本漏洞。
Adobe Experience Manager 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-16469: Adobe Experience Manager - Expression Language Injection
- POC CVE-2019-8086: Adobe Experience Manager - XML External Entity Injection
- POC CVE-2025-54249: Adobe Experience Manager ≤ 6.5.23.0 – SSRF
- POC CVE-2025-54251: Adobe Experience Manager ≤ 6.5.23.0 - XML Injection
- POC aem-felix-console: Adobe Experience Manager Felix Console - Default Login
- POC aem-xss-childlist: Adobe Experience Manager Childlist Selector - Cross-Site Scripting
- POC aem-setpreferences-xss: Adobe Experience Manager - Cross-Site Scripting
- POC aem-xss-childlist-selector: Adobe Experience Manager - Cross-Site Scripting
- POC CVE-2025-54253: Adobe Experience Manager Forms - Insecure Deserialization
- POC aem-dispatcher-bypass: Adobe Experience Manager - Dispatcher Bypass