CVE-2018-4876

Summary

Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.

Affected Software

VendorProductVersion RangeStatus
n/aAdobe Experience Manager 6.3, 6.2, 6.1Adobe Experience Manager 6.3, 6.2, 6.1affected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References