Adobe Clears Experience Manager Holes

Tuesday, January 22, 2019 @ 04:01 PM gHale

Adobe released security updates to address vulnerabilities in Adobe Experience Manager and Experience Manager Forms, according to a report from NCCIC.

An attacker could exploit these vulnerabilities to obtain sensitive information.

RELATED STORIES
Flash by Default Ending in Firefox
‘Important’ Adobe Patch Tuesday
Adobe Fixes Critical Acrobat, Reader Holes
Adobe Patches Acrobat, Reader Holes

In the bulletin labeled APSB19-03, the updates resolve a stored cross-site scripting vulnerability rated important that could result in sensitive information disclosure.

Adobe’s Experience Manager Forms versions 6.4, 6.3, and 6.2 suffer from the issue.
Researcher, Adam Willard, reported the vulnerability,

In the other vulnerability labeled APSB19-09, Adobe fixed one reflected cross-site scripting vulnerability rated moderate, and one stored cross-site scripting vulnerability rated important that could result in sensitive information disclosure.

Adobe Experience Manager versions 6.0-6.4 suffered from the issues. Adobe has fixes for versions 6.2-6.4.



Leave a Reply

You must be logged in to post a comment.