Bulletin ID
Last updated on
27 Des 2022
Security updates available for Adobe Experience Manager Forms | APSB19-24
|
|
Date Published |
Priority |
|---|---|---|
|
APSB19-24 |
April 09, 2019 |
2 |
Summary
Adobe has released security updates for Adobe Experience Manager Forms. These updates resolve a stored cross-site scripting vulnerability rated Important that could result in sensitive information disclosure.
Affected product versions
|
Product |
Affected version |
Platform |
|
Adobe Experience Manager Forms |
6.4 |
All |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:
| Product | Version | Platform | Priority | Availability |
| Adobe Experience Manager Forms | 6.4 | All | 2 | Releases and Updates |
| 6.3 | All | 2 | Releases and Updates | |
| 6.2 | All | 2 | Releases and Updates |
Please contact Adobe customer care for assistance with earlier AEM Forms versions.
Vulnerability Details
| Vulnerability Category | Vulnerability Impact | Severity | CVE Number | Affected Versions | Download Package |
| Stored Cross-site Scripting | Sensitive Information disclosure | Important | CVE-2019-7129 | AEM 6.2 AEM 6.3 AEM 6.4 |
Cumulative Fix Pack for AEM 6.2 SP1-CFP15 |
Note: The packages listed in the table above are the minimum fix packs to address the relevant vulnerability. For the latest versions, please see the release notes links referenced above.
Acknowledgments
Adobe would like to thank Ryne Hanson (@hansonet) for reporting (CVE-2019-7129) and for working with Adobe to help protect our customers.
