Multiple vulnerabilities in Adobe Experience Manager

CERT-LatestNews ThreatsCybercrime VulnerabilitiesAdobe VulnerabilitiesAll VulnerabilitiesApplications
1) Expression Language injection. Severity: Medium. CVSSv3: [PCI] CVE-ID: CVE-2019-16469. CWE-ID: Description. CWE-94 - Improper Control of Generation of Code ('Code Injection') The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to improper input validation.