{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T13:02:41.632","vulnerabilities":[{"cve":{"id":"CVE-2024-43712","sourceIdentifier":"psirt@adobe.com","published":"2024-12-10T22:15:05.830","lastModified":"2024-12-17T15:23:11.173","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. This issue occurs when data from a user-controllable source is improperly sanitized before being used in the Document Object Model (DOM) of a web page, leading to the execution of malicious scripts. Exploitation of this issue requires user interaction, such as tricking a victim into clicking a link or navigating to a malicious website."},{"lang":"es","value":"Las versiones 6.5.21 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de DOM-based Cross-Site Scripting (XSS) en DOM que podría permitir a un atacante ejecutar código arbitrario en el contexto del navegador de la víctima. Este problema se produce cuando los datos de una fuente controlable por el usuario se desinfectan de forma incorrecta antes de usarse en el modelo de objetos de documento (DOM) de una página web, lo que lleva a la ejecución de secuencias de comandos maliciosas. Para explotar este problema es necesaria la interacción del usuario, como engañar a la víctima para que haga clic en un vínculo o navegue a un sitio web malicioso."}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*","versionEndExcluding":"6.5.22.0","matchCriteriaId":"4A30C141-E776-4D0C-8F40-17C9560BF2A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*","versionEndExcluding":"2024.11.0","matchCriteriaId":"32D69634-ED91-469C-B4C8-FE1E942DCCE4"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}}]}