CNNVD-202508-351 Information
CNNVD ID
CNNVD-202508-351
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Adobe Experience Manager(AEM)是美国奥多比(Adobe)公司的一套可用于构建网站、移动应用程序和表单的内容管理解决方案。该方案支持移动内容管理、营销销售活动管理和多站点管理等。 Adobe Experience Manager(AEM)6.5.23及之前版本存在代码问题漏洞,该漏洞源于XML外部实体引用限制不当,可能导致任意文件系统读取。
Description (English)
Adobe Exchange Manager (AEM) is a set of content management solutions for the construction of websites, mobile applications and forms from Adobe in the United States. The programme supports mobile content management, marketing activities management and multi-site management. Adobe Exchange Manager (AEM) 6.5.23 and earlier versions had a code gap, which stemmed from inappropriate reference restrictions by an external XML entity and could lead to access to any file system.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
奥多比
Published
2025-08-05
Last Modified
2026-02-24
References
https://helpx.adobe.com/security/products/aem-forms/apsb25-82.html https://nvd.nist.gov/vuln/detail/CVE-2025-54254
Patch
https://helpx.adobe.com/security/products/aem-forms/apsb25-82.html
Share on: