Adobe Experience Manager CVE-2018-4931 HTML Injection

Authors:Nagamarimuthu          Risk:High
 
CVE:CVE-2018-4937             0day:HTML Injection  

0day-id:0DAY-4931              Date:2018-04-12

Description

Adobe Experience Manager is prone to a HTML-injection vulnerability because it fails to sanitize user-supplied input.

Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.

Adobe Experience Manager 6.1 and prior versions are vulnerable.

Vulnerable

Adobe Experience Manager 6.1
Adobe Experience Manager 6.0

 

Leave a Reply