{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T14:45:48.531","vulnerabilities":[{"cve":{"id":"CVE-2021-40722","sourceIdentifier":"psirt@adobe.com","published":"2022-01-13T21:15:07.897","lastModified":"2024-11-21T06:24:38.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE."},{"lang":"es","value":"AEM Forms Cloud Service offering, así como la versión 6.5.10.0 (y anteriores) están afectadas por una vulnerabilidad de inyección de tipo XML External Entity (XXE) que podría ser abusada por un atacante para lograr RCE"}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"6.5.10.0","matchCriteriaId":"9C764744-E85B-4783-8E83-A369CA2FCD46"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager_cloud_service:-:*:*:*:*:*:*:*","matchCriteriaId":"360F2694-4E6F-4D0C-9218-CD0450506AB6"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html","source":"psirt@adobe.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}}]}