Adobe Security Bulletin

Security updates available for Adobe Experience Manager | APSB23-72

Bulletin ID

Date Published

Priority

APSB23-72

December 12, 2023

3

Summary

Adobe has released updates for Adobe Experience Manager (AEM). These updates resolve vulnerabilities rated important and moderate. Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass.

Affected product versions

Product Version Platform
Adobe Experience Manager (AEM)
AEM Cloud Service (CS)
All
6.5.18.0 and earlier versions 
All

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:

Product

Version

Platform

Priority

Availability

Adobe Experience Manager (AEM) 
AEM Cloud Service Release 2023.11
All 3 Release Notes
6.5.19.0
All

3

AEM 6.5 Service Pack Release Notes 
Note:

Customers running on Adobe Experience Manager’s Cloud Service will automatically receive updates that include new features as well as security and functionality bug fixes.  

Note:

Please contact Adobe customer care for assistance with AEM versions 6.4, 6.3 and 6.2.

Vulnerability Details

Vulnerability Category
Vulnerability Impact
Severity
CVSS base score
CVSS vector
CVE Number
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48440
Improper Access Control (CWE-284)
Security feature bypass
Important 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2023-48441
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48442
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48443
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48444
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48445
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48446
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48447
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important

5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48448
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48449
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48450
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48451
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48452
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48453
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48454
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48455
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48456
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48457
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48458
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48459
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48460
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48461
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48462
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48463
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48464
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48465
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48466
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48467
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48468
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48469
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48470
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48471
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48472
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48473
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2023-48474
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48475
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48476
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48477
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48478
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48479
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48480
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48481
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48482
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48483
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48484
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48485
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48486
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48487
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48488
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48489
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48490
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48491
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48492
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48493
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48494
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48495
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48496
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48497
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48498
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48499
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48500
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48501
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48502
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48503
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48504
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48505
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48506
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48507
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48508
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48509
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48510
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48511
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48512
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48513
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48514
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48515
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48516
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48517
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48518
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48519
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48520
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48521
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48522
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48523
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48524
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48525
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48526
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48527
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48528
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48529
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48530
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48531
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48532
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48533
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48534
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48535
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48536
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48537
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48538
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48539
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48540
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48541
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48542
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48543
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48544
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48545
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48546
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48547
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
CVE-2023-48548
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48549
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48550
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48551
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48552
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48553
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48554
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48555
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48556
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48557
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48558
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48559
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48560
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48561
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48562
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48563
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48564
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48565
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48566
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48567
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48568
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48569
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48570
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48571
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
CVE-2023-48572
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
CVE-2023-48573
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
CVE-2023-48574
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48575
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48576
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48577
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48578
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48579
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48580
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48581
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
CVE-2023-48582
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48583
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 4.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CVE-2023-48584
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48585
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48586
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48587
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48588
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48589
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48590
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48591
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48592
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48593
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48594
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48595
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48596
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48597
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48598
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48599
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48600
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48601
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48602
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48603
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48604
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48605
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48606
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48607
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Moderate 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2023-48608
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48609
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48610
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48611
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48612
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48613
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48614
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48615
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48616
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48617
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48618
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48619
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48620
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48621
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48622
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48623
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-48624
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-47064
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-47065
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-51457
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-51458
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-51459
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-51460
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-51461
Cross-site Scripting (Stored XSS) (CWE-79)
Arbitrary code execution
Important
5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2023-51462
Cross-site Scripting (Stored XSS) (CWE-79) Arbitrary code execution Important 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-51463
Cross-site Scripting (Stored XSS) (CWE-79) Arbitrary code execution Important

5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2023-51464
Note:

If a customer is using Apache httpd in a proxy with a non-default configuration, they may be impacted by CVE-2023-25690 - please read more here: https://httpd.apache.org/security/vulnerabilities_24.html

Acknowledgments

Adobe would like to thank the following for reporting these issues and for working with Adobe to help protect our customers: 

  • Lorenzo Pirondini --CVE-2023-48442, CVE-2023-48444, CVE-2023-48445 CVE-2023-48446, CVE-2023-48449, CVE-2023-48450, CVE-2023-48451, CVE-2023-48452, CVE-2023-48453, CVE-2023-48454, CVE-2023-48456, CVE-2023-48457, CVE-2023-48458, CVE-2023-48459, CVE-2023-48460, CVE-2023-48461, CVE-2023-48462, CVE-2023-48463, CVE-2023-48464, CVE-2023-48465, CVE-2023-48466, CVE-2023-48467, CVE-2023-48468, CVE-2023-48469, CVE-2023-48470, CVE-2023-4847, CVE-2023-48472, CVE-2023-48473, CVE-2023-48474, CVE-2023-48475, CVE-2023-48476, CVE-2023-48477, CVE-2023-48478, CVE-2023-48479, CVE-2023-48480, CVE-2023-48481, CVE-2023-48482, CVE-2023-48483, CVE-2023-48484, CVE-2023-48485, CVE-2023-48486, CVE-2023-48487, CVE-2023-48488, CVE-2023-48489, CVE-2023-48490, CVE-2023-48491, CVE-2023-48492, CVE-2023-48493, CVE-2023-48494, CVE-2023-48495, CVE-2023-48496, CVE-2023-48502, CVE-2023-48503, CVE-2023-48505, CVE-2023-48506, CVE-2023-48507, CVE-2023-48508, CVE-2023-48509 CVE-2023-48510, CVE-2023-48511, CVE-2023-48514, CVE-2023-48516, CVE-2023-48517, CVE-2023-48518, CVE-2023-48519, CVE-2023-48520, CVE-2023-48521, CVE-2023-48522, CVE-2023-48523, CVE-2023-48524, CVE-2023-48525, CVE-2023-48527, CVE-2023-48528, CVE-2023-48529, CVE-2023-48530, CVE-2023-48531, CVE-2023-48532, CVE-2023-48535, CVE-2023-48536, CVE-2023-48538, CVE-2023-48539, CVE-2023-48540, CVE-2023-48541, CVE-2023-48542, CVE-2023-48543, CVE-2023-48544, CVE-2023-48545, CVE-2023-48546, CVE-2023-48547, CVE-2023-48548, CVE-2023-48549, CVE-2023-48550, CVE-2023-48551, CVE-2023-48552, CVE-2023-48553, CVE-2023-48554, CVE-2023-48555, CVE-2023-48556, CVE-2023-48557, CVE-2023-48558, CVE-2023-48565, CVE-2023-48566, CVE-2023-48567, CVE-2023-48568, CVE-2023-48569, CVE-2023-48570, CVE-2023-48571, CVE-2023-48577, CVE-2023-48578, CVE-2023-48583, CVE-2023-48585, CVE-2023-48586, CVE-2023-48587, CVE-2023-48588, CVE-2023-48589, CVE-2023-48590, CVE-2023-48591, CVE-2023-48598, CVE-2023-48599, CVE-2023-48602, CVE-2023-48603, CVE-2023-48604, CVE-2023-48605, CVE-2023-48606, CVE-2023-48607, CVE-2023-48609, CVE-2023-48610, CVE-2023-48611, CVE-2023-48612, CVE-2023-48613, CVE-2023-48614, CVE-2023-48615, CVE-2023-48616, CVE-2023-48617, CVE-2023-48618, CVE-2023-48619, CVE-2023-47065, CVE-2023-51457, CVE-2023-51458, CVE-2023-51460, CVE-2023-51463, CVE-2023-51464

  • Jim Green (green-jam) -- CVE-2023-48441, CVE-2023-48443, CVE-2023-48447, CVE-2023-48448, CVE-2023-48455, CVE-2023-48497, CVE-2023-48498, CVE-2023-48499, CVE-2023-48500, CVE-2023-48501, CVE-2023-48504, CVE-2023-48526, CVE-2023-48548, CVE-2023-48559, CVE-2023-48560, CVE-2023-48561, CVE-2023-48562, CVE-2023-48563, CVE-2023-48564, CVE-2023-48592, CVE-2023-48593, CVE-2023-48594, CVE-2023-48595, CVE-2023-48596, CVE-2023-48597, CVE-2023-48600, CVE-2023-48601, CVE-2023-48620, CVE-2023-48621, CVE-2023-48622, CVE-2023-48623, CVE-2023-48624, CVE-2023-47064, CVE-2023-51459, CVE-2023-51462

  • Akshay Sharma (anonymous_blackzero) -- CVE-2023-48440, CVE-2023-48512, CVE-2023-48513, CVE-2023-48515, CVE-2023-48533, CVE-2023-48534, CVE-2023-48537, CVE-2023-48572, CVE-2023-48573, CVE-2023-48574, CVE-2023-48575, CVE-2023-48576, CVE-2023-48579, CVE-2023-48580, CVE-2023-48581, CVE-2023-48582, CVE-2023-48584, CVE-2023-48608, CVE-2023-51461

NOTE: Adobe has a private, invite-only, bug bounty program with HackerOne. If you are interested in working with Adobe as an external security researcher, please fill out this form for next steps.

Revisions

December 13, 2023 - Added 2 CVEs, - CVE-2023-47064 and CVE-2023-47065

December 19, 2023 -  Added 6 CVEs - CVE-2023-51457, CVE-2023-51458, CVE-2023-51459, CVE-2023-51460, CVE-2023-51461, CVE-2023-51462

January 17, 2024 - Added 2 CVEs - CVE-2023-51463, CVE-2023-51464


For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.

 Adobe

Get help faster and easier

New user?