Adobe has released security updates to address twelve critical vulnerabilities that could make it possible for attackers to execute arbitrary code on devices running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager.
The rest of the total of
18 security flaws patched today are important severity bugs that could lead to arbitrary JavaScript execution in the browser via stored cross-site scripting vulnerabilities or disclosure of sensitive information via execution with unnecessary privileges.
These important severity vulnerabilities were all found in the Adobe Experience Manager (AEM) and the AEM Forms add-on package, and they affect devices on all platforms running unpatched software versions.
Adobe advises customers to update the vulnerable apps to the latest versions as soon as possible to block attacks attempting to exploit unpatched installations.
