Adobe has released security updates for Adobe Experience Manager Forms. These updates resolve a stored cross-site scripting vulnerability rated Important that could result in sensitive information disclosure.
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:
|Adobe Experience Manager Forms||6.4||All||2||Releases and Updates|
|6.3||All||2||Releases and Updates|
|6.2||All||2||Releases and Updates|
Please contact Adobe customer care for assistance with earlier AEM Forms versions.
|Vulnerability Category||Vulnerability Impact||Severity||CVE Number||Affected Versions||Download Package|
|Stored Cross-site Scripting||Sensitive Information disclosure||Important||CVE-2019-7129||
Cumulative Fix Pack for AEM 6.2 SP1-CFP15
Cumulative Fix Pack for 6.3 - AEM-126.96.36.199
Note: The packages listed in the table above are the minimum fix packs to address the relevant vulnerability. For the latest versions, please see the release notes links referenced above.