{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T09:40:11.468","vulnerabilities":[{"cve":{"id":"CVE-2024-43720","sourceIdentifier":"psirt@adobe.com","published":"2024-12-10T22:15:07.160","lastModified":"2024-12-17T15:23:30.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, an attacker can inject malicious scripts that are executed by the victim's browser. Exploitation of this issue requires user interaction, typically in the form of following a malicious link."},{"lang":"es","value":"Las versiones 6.5.21 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de DOM-based Cross-Site Scripting (XSS) en DOM que podría aprovecharse para ejecutar código arbitrario en el contexto de la sesión del navegador de la víctima. Al manipular el entorno DOM en el navegador de la víctima, un atacante puede inyectar secuencias de comandos maliciosas que se ejecutan en el navegador de la víctima. Para aprovechar este problema es necesaria la interacción del usuario, normalmente siguiendo un vínculo malicioso."}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*","versionEndExcluding":"6.5.22.0","matchCriteriaId":"4A30C141-E776-4D0C-8F40-17C9560BF2A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*","versionEndExcluding":"2024.11.0","matchCriteriaId":"32D69634-ED91-469C-B4C8-FE1E942DCCE4"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}}]}