Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.

The remote host contains a Spring Framework version is affected by an open redirect vulnerability. Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95942 advisory.

  - Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query     parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open     redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used     after passing validation checks. (CVE-2024-22243)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Experience Manager installed on the remote host is prior to 6.5.21. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-28 advisory.

  - Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query     parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open     redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used     after passing validation checks. (CVE-2024-22243)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Access Control     vulnerability that could result in a Security feature bypass. An attacker could leverage this     vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does     not require user interaction. (CVE-2024-26029)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS)     vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
    Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the     vulnerable field. (CVE-2024-20769, CVE-2024-20784, CVE-2024-26036, CVE-2024-26054, CVE-2024-26060,     CVE-2024-26066, CVE-2024-26068, CVE-2024-26070, CVE-2024-26071, CVE-2024-26074, CVE-2024-26075,     CVE-2024-26077, CVE-2024-26078, CVE-2024-26081, CVE-2024-26082, CVE-2024-26083, CVE-2024-26085,     CVE-2024-26088, CVE-2024-26092, CVE-2024-26095, CVE-2024-26110, CVE-2024-26121, CVE-2024-26123,     CVE-2024-34119, CVE-2024-34120, CVE-2024-36142, CVE-2024-36143, CVE-2024-36144, CVE-2024-36146,     CVE-2024-36147, CVE-2024-36148, CVE-2024-36149, CVE-2024-36150, CVE-2024-36152, CVE-2024-36153,     CVE-2024-36154, CVE-2024-36155, CVE-2024-36156, CVE-2024-36157, CVE-2024-36158, CVE-2024-36159,     CVE-2024-36160, CVE-2024-36161, CVE-2024-36162, CVE-2024-36163, CVE-2024-36164, CVE-2024-36165,     CVE-2024-36166, CVE-2024-36167, CVE-2024-36168, CVE-2024-36169, CVE-2024-36170, CVE-2024-36171,     CVE-2024-36172, CVE-2024-36173, CVE-2024-36174, CVE-2024-36175, CVE-2024-36176, CVE-2024-36177,     CVE-2024-36178, CVE-2024-36179, CVE-2024-36180, CVE-2024-36182, CVE-2024-36185, CVE-2024-36186,     CVE-2024-36187, CVE-2024-36188, CVE-2024-36189, CVE-2024-36191, CVE-2024-36192, CVE-2024-36193,     CVE-2024-36194, CVE-2024-36195, CVE-2024-36196, CVE-2024-36198, CVE-2024-36199, CVE-2024-36200,     CVE-2024-36201, CVE-2024-36202, CVE-2024-36203, CVE-2024-36204, CVE-2024-36205, CVE-2024-36207,     CVE-2024-36208, CVE-2024-36209, CVE-2024-36212, CVE-2024-36213, CVE-2024-36214, CVE-2024-36215,     CVE-2024-36217, CVE-2024-36218, CVE-2024-36219, CVE-2024-36221, CVE-2024-36225, CVE-2024-36232)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a malicious form.
    (CVE-2024-26037, CVE-2024-36183, CVE-2024-36229)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue requires user interaction,     such as convincing a victim to click on a specially crafted link or to submit a form that triggers the     vulnerability. (CVE-2024-26039, CVE-2024-26053, CVE-2024-36197, CVE-2024-36228)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS)     vulnerability that could be abused by a privileged attacker to inject malicious scripts into vulnerable     form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page     containing the vulnerable field. (CVE-2024-26049)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a form that     triggers the malicious script. (CVE-2024-26057)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue requires user interaction,     such as convincing a victim to click on a specially crafted link. (CVE-2024-26058, CVE-2024-26090,     CVE-2024-36236, CVE-2024-36239)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a victim to click on a specially crafted link or to submit a form that     causes the vulnerable script to execute. (CVE-2024-26072)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue requires user interaction,     as the victim needs to visit a web page with a maliciously crafted script. (CVE-2024-26089,     CVE-2024-36151)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a victim to click on a specially crafted link or to submit a form that     causes the vulnerable script to execute. (CVE-2024-26091)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting     (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable     page, malicious JavaScript content may be executed within the context of the victim's browser.
    (CVE-2024-26086, CVE-2024-26093, CVE-2024-26111, CVE-2024-26113, CVE-2024-26114, CVE-2024-26115,     CVE-2024-26116, CVE-2024-26117, CVE-2024-36206, CVE-2024-36210, CVE-2024-36216)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation     vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage     this vulnerability to bypass security measures and affect the integrity of the page. Exploitation of this     issue requires user interaction. (CVE-2024-26126, CVE-2024-26127, CVE-2024-36226)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a victim to click on a specially crafted link or to submit a form that     triggers the malicious script. (CVE-2024-26055)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS)     vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into     vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the     page containing the vulnerable field. (CVE-2024-34141, CVE-2024-34142, CVE-2024-36141)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue requires user interaction,     typically in the form of convincing a victim to visit a maliciously crafted web page or to interact with a     maliciously modified DOM element within the application. (CVE-2024-36181)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a malicious link or to submit a specially crafted form.
    (CVE-2024-36184)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a form that     triggers the vulnerability. (CVE-2024-36190, CVE-2024-36234)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting     (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing     a vulnerable page, malicious JavaScript content may be executed within the context of the victim's     browser. (CVE-2024-36211)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue requires user interaction,     such as convincing a victim to click on a specially crafted link or to submit a form that triggers the     malicious script. (CVE-2024-36220)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a victim to click on a specially crafted link or to submit a form that     triggers the vulnerability. (CVE-2024-36222)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a form that     causes the vulnerable script to execute. (CVE-2024-36224)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a malicious form.
    (CVE-2024-36227)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a form that     causes the execution of the malicious script. (CVE-2024-36230, CVE-2024-36235)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a specially crafted link or to submit a form that     causes the execution of the malicious script. (CVE-2024-36231)

  - Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site     Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript     code in the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a victim to click on a malicious link. (CVE-2024-36233)

  - Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting     (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in     the context of the victim's browser session. Exploitation of this issue typically requires user     interaction, such as convincing a user to click on a malicious link or to interact with a maliciously     crafted web page. (CVE-2024-36238)

  - Cross-site Scripting (Stored XSS) (CWE-79) potentially leading to Arbitrary code execution     (CVE-2024-36223)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of Primavera Unifier installed on the remote host are affected by an open redirect vulnerability as referenced in the April 2024 CPU advisory. Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) and perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
204717	Spring Framework < 5.3.32 / 6.0.x < 6.0.17 / 6.1.x < 6.1.4 Open Redirect (CVE-2024-22243)	Nessus	Misc.	high
201107	Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95942)	Nessus	CGI abuses	high
200354	Adobe Experience Manager 6.5.0 < 6.5.21 Multiple Vulnerabilities (APSB24-28)	Nessus	Misc.	critical
193435	Oracle Primavera Unifier Open Redirect (April 2024 CPU)	Nessus	CGI abuses	high

Detections

Analytics

CVE-2024-22243

high

Tenable Plugins

high

high

critical

high