← voltar
CVE-2021-40722

AEM Forms Improper Restriction of XML External Entity Reference

CVSS 9.8 CRITICALEPSS 3.3%CWE-611
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Adobe · Experience Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html