CVE-2018-4876

CVE-2018-4876

EPSS 4.6%

Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.

Affected products

n/a · Adobe Experience Manager 6.3, 6.2, 6.1

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://helpx.adobe.com/security/products/experience-manager/apsb18-04.html http://www.securityfocus.com/bid/102990 http://www.securitytracker.com/id/1040365