Adobe Security Bulletin
Security updates available for Adobe Experience Manager Forms | APSB19-50
Bulletin ID Date Published  Priority
APSB19-50 October 15, 2019 3

Summary

Adobe has released security updates for Adobe Experience Manager Forms. These updates resolve a stored cross-site scripting vulnerability rated Important that could result in sensitive information disclosure.

Affected product versions

Product Affected version Platform
Adobe Experience Manager Forms

6.5

6.4

6.3

All

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:

Product Version Platform Priority Availability
Adobe Experience Manager Forms 6.5 All 3 Releases and Updates
6.4 All 3 Releases and Updates
6.3 All 3 Releases and Updates

Please contact Adobe customer care for assistance with earlier AEM Forms versions.

Vulnerability Details

Vulnerability Category Vulnerability Impact  Severity CVE Number  Affected Versions Download Package 

Reflected Cross-site Scripting

 

 

Sensitive Information disclosure

 

 

Moderate

 

 

CVE-2019-8089

 

 

AEM 6.3

AEM 6.4

AEM 6.5

Cumulative Fix Pack for 6.3 SP3 – AEM-6.3.3.6

Service Pack for 6.4 - AEM-6.4.6.0

Service Pack for 6.5 - AEM-6.5.2.0

Note: The packages listed in the table above are the minimum fix packs to address the relevant vulnerability.  For the latest versions, please see the release notes links referenced above.