AEM 5.6.1 recommended hot fixes prior to Service Pack 2

This page is the old version of the recommended hotfixes page, before the release of AEM 5.6.1 Service Pack 2 .

It lists the list of recommended Hotfixes to install on top of AEM 5.6.1 , *unless you have SP2 installed.*

Adobe recommends the installation of Service Pack 2, please refer to this page for Hotfixes to install on top of SP2.


This page formerly contained the exhaustive list of hot fixes released for Adobe Experience Manager 5.6.1, with some flagged as recommended.

We chose to update this page with the list of all hot fixes not being replaced. Therefore, containing the highest versions of AEM Bundles components and widgets, available for the 5.6.1 version, sorted by modules.

Adobe recommends installing all the hot fixes present in the section of the modules you are using.

As hot fixes listed here replace for the most obsolete hot fixes, the full detailed list of changes/bug fixed, or new feature added is not displayed.

To get the full list of addressed issues per module, contact Adobe Experience Manager Support via the creation of a Support ticket.


First install the Security Service Pack and security related hotfixes .

Adobe Experience Manager 5.6.1 Security Service Pack 1 resolves several critical vulnerabilities, Adobe highly recommends that you install this Security Update on all Adobe Experience Manager 5.6.1 instances immediately. For the protection of our customers, Adobe does not disclose any vulnerability details. 


Read as well:

Security Vulnerabilities

Hot fix 8364 Java deserialization issues mitigation agent
Hot fix 6446 Security fix in Webdav
Hot fix 6445 Vulnerability affecting Apache Sling Servlets Post 2.3.6  
Hot fix 5122 DOM-Based Reflected XSS in CRXDE Lite
Hot fix 5667 Security fix in auditreport page 
Hot fix 3527 Security fix in the offloading module
Hot fix 4990 Security fix in the Content Finder


Hot fix 3285 .HTC Rewrite issue in Granite user interface commons
Hot fix 3310 AdminSession not closed in email-notification
Hot fix 41214387 and 5631 CRX server fixes
Hot fix 4984 Linkchecker issue causing repository growth. Check this page for full details.
Hot fix 4641 Cluster robustness enhancement
Hot fix 5220 Various CQ servlet engine fixes


Hot fix 5283 Integration of all Replication Fixes on top of the Security Service Pack

LDAP Integration

Hot fix 4070 Latest LDAP Integration fix (1)
Hot fix 3645 Granite SSO handler fails with error when using LDAP

(1) This HF introduces a new configuration option for LDAP: "groupNestingDepth".

Contact support for more details.

Misc security-related issues

Hot fix 4129 Sling uses wrong value for Principal object
Hot fix 4086 Issue in user admin when adding user picture
Hot fix 5668 Various fixes in Granite Crypto support
Hot fix 5152 CQ author instance does not process https sling mapping correctly.
Hot fix 5126 Optimization of CUG-related event generation


Hot fix 3402 Multiple scheduled activations at the same time result in only one activation.
Hot fix 3808 Workflow consoles user interface Fixes - 1
Hot fix 3863 Workflow consoles user interface Fixes - 2
Hot fix 4611 Workflow and Discovery fixes


Hot fix 5742 Exception while moving tags if it has permissions defined and is referenced by a resource



Hot fix 3692 Siteadmin Performance enhancements
Hot fix 3949 Fix for 'User is able to edit a page locked by other user'
Hot fix 5431 Correction in handling of Delete operation without replication rights.
Hot fix 5737 Required for the dependencies
Hot fix 3561 and 6164 MSM Latest available fixes and improvements

Campaign - Targeting

Hot fix 3591 SessionPersistence cookie appears even through MODE_LOCAL is set
Hot fix 3748 Critical fix for the native teaser engine
Hot fix 4107 Personalization does not work in private browsing

Form component

Hot fix 3951 Issue with Form field Show/Hide with fieldvalue="" condition on IE and chrome.
Hot fix 3973 Validation problem with hidden required fields in the Foundation Form component.
Hot fix 5257 Show/Hide rules in form component with Show only Value check box checked doesn't work

Other features

Hot fix 4210 Issue in Timewarp
Hot fix 3471 Launches hot fix
Hot fix 3670 Adds 508 standards-compliant alt-attributes for the Image plug-in in Rich Text Editor



Hot fix 3627 and 3610 DAM Classic user interface issues
Hot fix 3994 ClassCastException when metadata property has unexpected type
Hot fix 3921 Thumbnail Creation Process Failing on certain Images
Hot fix 4219 Issue in InDesign Media Extraction Workflow Step
Hot fix 5556 Asset Search Scalability Fix
Hot fix 5612 PDF Text extraction Fix
Hot fix 4077 Issue with handling of Assets with certain special characters

Scene7 Integration

Hot fix 3164 Replication of scene 7 configuration can go in endless loop on publish
Dynamic Media Feature Pack 4136 Dynamic Media Feature Pack is a key security and privacy update for the CQ integration with Scene7 to support improved stability and performance, as well as providing a secure preview of Scene7 assets in the AEM/CQ environment before publishing. Note, this is being offered as a special no-cost package for our existing Scene7 customers with CQ 5.6.1 implemented.

Marketing Cloud integration

The following hot fixes should be installed by the customers integrating AEM with the other solutions of the Marketing Cloud.

Adobe Target

Hot fix 3366 Critical fixes for Adobe Target integration
Hot fix 3830 Critical fix for the targeted content authoring
Hot fix 4539 Performance enhancements for Target Integration


Hot fix 4605  Add Oregon data center to list of selectable data centers in Analytics cloud config
Hot fix 4692 CQ_Analytics.record doesn't call properly

Audience Manager

Hot fix 4058 Audience Manager integration requires read access to /etc/cloudservices/audiencemanager


The following hot fixes are specific to the users of the AEM ECommerce module.

Therefore they have to be installed on top of the CQ-COMMERCE-HYBRIS-UPDATE-CONTENT v5.6.200 .

This package and the following hot fixes must be requested via a Support Portal ticket, as the module is not integrated in the default installation of AEM.

Hot fix 3985 Various fixes around Hybris integration 1
Hot fix 5174 Various fixes around Hybris integration 2


Hot fix 3930 Twitter/Facebook/Salesforce Client Context Store load requests fire always
Hot fix 3408 Upgrades twitter connect and twitter search plug-in APIs to version 1.1 .

Misc Modules

The hot fixes below adress issues specific to minor modules. Check first if you are actual users of the module (in bold in the description) before considering to install the hot fix.

Hot fix 5202 Design Importer hot fix
Hot fix 5681 ContentSync: Provide minification option in client libraries
Hot fix 3565 JCR-RMI does allow upload of binary file larger than a certain size
Hot fix 5683 Translation tool issues with nested keys
Hot fix 4655 Bulk editor import doesn't work for multi-value properties