Adobe Security Bulletin

Security updates available for Adobe Experience Manager Forms | APSB19-50

Bulletin ID	Date Published	Priority
APSB19-50	October 15, 2019	3

Adobe has released security updates for Adobe Experience Manager Forms. These updates resolve a stored cross-site scripting vulnerability rated Important that could result in sensitive information disclosure.

Product	Affected version	Platform
Adobe Experience Manager Forms	6.5 6.4 6.3	All

Product

Affected version

Platform

Adobe Experience Manager Forms

6.5

6.4

6.3

All

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:

Product	Version	Platform	Priority	Availability
Adobe Experience Manager Forms	6.5	All	3	Releases and Updates
	6.4	All	3	Releases and Updates
	6.3	All	3	Releases and Updates

Please contact Adobe customer care for assistance with earlier AEM Forms versions.

Vulnerability Category

Vulnerability Impact

Severity

CVE Number

Affected Versions

Download Package

Reflected Cross-site Scripting

Sensitive Information disclosure

Moderate

CVE-2019-8089

AEM 6.3

AEM 6.4

AEM 6.5

Cumulative Fix Pack for 6.3 SP3 – AEM-6.3.3.6

Service Pack for 6.4 - AEM-6.4.6.0

Service Pack for 6.5 - AEM-6.5.2.0

Note: The packages listed in the table above are the minimum fix packs to address the relevant vulnerability. For the latest versions, please see the release notes links referenced above.

Adobe Security Bulletin

Summary

Affected product versions

Solution

Vulnerability Details

Ask the Community

Contact Us