As part of its regularly scheduled security updates, Adobe fixed five critical cross-site scriptings (XSS) flaws hidden in Adobe Experience Manager. The flaws could potentially allow threat actors to execute arbitrary JavaScript code in victims’ browsers. Experience Manager is a popular platform used to manage content for building websites, applications, and forms.
On top of the five critical flaws, Adobe fixed 18 other vulnerabilities spread amongst its other services and applications, such as Adobe FrameMaker, which is a document-processor created for writing large or complex documents. Another Adobe service that received patches is InDesign, which is a typesetting software application. Users have been advised that the vulnerabilities could leave an organization exposed to damaging cyberattacks, urging customers to patch the flaws as soon as possible.
Read More: Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers