U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Adobe fixed XSS flaws in Experience Manager that can result in information Disclosure

Adobe released security updates to address multiple XSS vulnerabilities in the Experience Manager and Experience Manager Forms that can lead to information disclosure. Adobe released security updates for the Experience Manager and Experience Manager Forms to address flaws that can lead to information disclosure. The Experience Manager is affected by a stored cross-site scripting (XSS) issue […]

Adobe Reader

Adobe released security updates to address multiple XSS vulnerabilities in the Experience Manager and Experience Manager Forms that can lead to information disclosure.

Adobe released security updates for the Experience Manager and Experience Manager Forms to address flaws that can lead to information disclosure.

The Experience Manager is affected by a stored cross-site scripting (XSS) issue and a reflected XSS issue.

The former is rated as ‘important’ severity, the latter as ‘moderate’ severity, both can result in the exposure of sensitive data. .

“Adobe has released security updates for Adobe Experience Manager. These updates resolve one reflected cross-site scripting vulnerability rated Moderate, and one stored cross-site scripting vulnerability rated Important that could result in sensitive information disclosure. ” reads the security advisory published by Adobe.

The good news is that Adobe is not aware of threat actors attempting to exploit these vulnerabilities in the wild. Anyway, the tech giant is urging administrator to install the updates within 30 days.

Adobe also addressed a stored XSS vulnerability in the Experience Manager Forms, the bug was discovered by the security researchers Adam Willard.

“Adobe has released security updates for Adobe Experience Manager Forms. These updates resolve a stored cross-site scripting vulnerability rated Important that could result in sensitive information disclosure.” reads the security advisory.

The company addressed other issues in its products in January; the company Patch Tuesday security updates for January 2019 fixed two flaws rated as “important” in the Connect and Digital Editions products.

The first Adobe security updates for 2019 addressed two critical vulnerabilities in the Acrobat and Reader products.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Adobe, XSS)

[adrotate banner=”5″] [adrotate banner=”13″]