Security for everyone

CVE-2019-8086 Scanner

Detects 'XML External Entity (XXE)' vulnerability in Adobe Experience Manager affects v. 6.5, 6.4, 6.3 and 6.2.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4



Adobe Experience Manager is a content management system (CMS) from Adobe that allows companies to manage and deliver digital experiences across multiple channels. It is used by enterprises, marketers, and developers to create and manage websites, mobile apps, and other digital content. The CMS also has features that allow for the personalization of experiences for specific target audiences, making it an effective tool for digital marketing efforts.

However, recent security reports have revealed that Adobe Experience Manager versions 6.5, 6.4, 6.3, and 6.2 are vulnerable to a critical security flaw, known as CVE-2019-8086. This vulnerability is categorized as an XML External Entity Injection (XXE) issue, which occurs when an attacker can inject malicious XML data into an application. When the CMS processes this data, it allows the attacker to read sensitive data on the server or execute arbitrary code.

The exploitation of this vulnerability can lead to serious consequences for organizations. Attackers can gain access to sensitive data, such as user credentials, credit card information, and other personally identifiable information. This could cause significant damage to the reputation of the organization and result in fines and legal action. Furthermore, attackers could use the backdoor created by the vulnerability to gain deeper access to the entire system, leading to more serious attacks and data breaches.

In conclusion, the Adobe Experience Manager vulnerability is a serious threat that should not be taken lightly. Organizations using the CMS must take the necessary precautions to protect their sensitive data and digital assets. By leveraging the pro features of the platform, businesses can easily and quickly learn about vulnerabilities in their digital assets and stay one step ahead of attackers. Don't wait until it's too late; take action and protect yourself against CVE-2019-8086 and other critical security flaws.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture