CVE-2023-48483: 
Adobe Experience Manager vulnerability analysis and mitigation

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. The vulnerability was disclosed on December 15, 2023, and has been assigned CVE-2023-48483. This security issue affects Adobe Experience Manager installations up to version 6.5.18 (NVD).

The vulnerability is classified as a DOM-based Cross-site Scripting (XSS) issue with a CVSS v3.1 Base Score of 5.4 (Medium). The attack vector requires a low-privileged attacker and user interaction. The vulnerability is characterized by the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, indicating network accessibility, low attack complexity, low privileges required, and user interaction needed for exploitation (Adobe Advisory).

If successfully exploited, this vulnerability allows malicious JavaScript content to be executed within the context of the victim's browser. The impact is considered medium severity with low confidentiality and integrity impacts, while availability is not affected (NVD).

Adobe has addressed this vulnerability in newer versions of Experience Manager. Users should upgrade their installations beyond version 6.5.18 to mitigate this security risk (Adobe Advisory).