Vulnerability CVE-2022-35697


Published: 2022-08-10

Description:
Adobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires a low author privilege access.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/adobe/aem-core-wcm-components/security/advisories/GHSA-qcgc-6q86-7x2p

Copyright 2026, cxsecurity.com

 

Back to Top