CVE-2023-22266

5.4 MEDIUM

📋 TL;DR

CVE-2023-22266 is an open redirect (URL redirection to an untrusted site, CWE-601) in Adobe Experience Manager 6.5.15.0 and earlier. A low-privileged authenticated attacker can craft a link on the AEM host that sends the victim's browser to an attacker-chosen site; because the visible link carries the trusted AEM domain, it lends credibility to phishing. Exploitation requires user interaction: the victim must open the crafted link. Fixed in 6.5.16.0 (Adobe bulletin APSB23-18).

💻 Affected Systems

Products:
  • Adobe Experience Manager
Versions: 6.5.15.0 and earlier
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user with low privileges; exploitation requires user interaction

📦 What is this software?

Adobe Experience Manager (AEM) is Adobe's Java-based enterprise content management and digital asset management platform, built on Apache Sling and Apache Felix (OSGi). It is normally deployed as author instances, where authenticated content authors work, and publish instances, which serve the public site; any account with authoring access counts as the "low-privilege authenticated" user this CVE requires.

⚠️ Risk & Real-World Impact

🔴 Worst Case

A victim who follows a link that starts on the trusted AEM host lands on a phishing page that captures AEM or SSO credentials, or on a page that delivers malware, leading to account takeover or endpoint compromise.

🟠 Likely Case

Attackers embed crafted AEM links in phishing campaigns; because the visible domain is the organisation's own, authenticated users are more likely to click and are redirected to credential-harvesting or social-engineering pages.

🟢 If Mitigated

With redirect targets restricted to an allowlist (or to site-relative paths) and users trained to distrust unexpected links, a crafted link fails to leave the site and the attempt is reduced to a suspicious entry in the access log.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

The attack requires an authenticated low-privilege account and a victim's click; once the vulnerable parameter is known, crafting the malicious URL is trivial. Adobe's advisory does not disclose the affected endpoint or parameter, and no public proof of concept is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.5.16.0 (AEM 6.5 Service Pack 16) or later

Vendor Advisory: https://helpx.adobe.com/security/products/experience-manager/apsb23-18.html

Restart Required: Yes

Instructions:

1. Download AEM 6.5 Service Pack 16 (6.5.16.0) or later from the Adobe Software Distribution portal.
2. Apply the Service Pack through CRX Package Manager following Adobe's installation guide, on every author and publish instance.
3. Restart the AEM instance.
4. Verify the installed version on the AEM welcome screen or at /system/console/status-productinfo.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Until the Service Pack is applied, deploy a Sling servlet filter (or an equivalent Dispatcher/WAF rule) that validates any request parameter used as a redirect target before AEM acts on it: allow only site-relative paths and absolute http(s) URLs whose host is on an allowlist, and reject protocol-relative (//host), backslash, percent-encoded and non-http-scheme variants. Adobe's advisory does not name the affected endpoint or parameter, so the filter has to be applied broadly or informed by your own testing; treat it as a stopgap, not a fix.

User Awareness Training (all platforms)

Educate users that a link beginning with the organisation's own AEM domain can still land elsewhere, and to check the final destination before entering credentials.
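Redirect-target validation logic of the kind the filter above has to implement, as an added example that is not Adobe's code and not part of the original advisory. It is written in Python so it can be run and checked directly; a Sling filter in AEM would apply the same rules in Java before passing the parameter on. The allowlist hosts are assumptions, and the function is parameter-agnostic because the affected parameter is not public.

```python
from urllib.parse import urlsplit, unquote

# Hosts this site may legitimately redirect to. Assumption: each deployment
# sets its own list; unlisted hosts are rejected even when they look similar.
ALLOWED_HOSTS = {"www.example.com", "author.example.com"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Allow only site-relative paths ("/content/...") and absolute http(s)
    URLs whose host is on the allowlist. Everything else is rejected."""
    if not target:
        return False
    # Decode once so "%2F%2Fevil.example" cannot smuggle a protocol-relative
    # URL past the string checks below.
    t = unquote(target).strip()
    # Browsers strip tab/newline before parsing ("java\tscript:" becomes
    # "javascript:"); refuse control characters rather than mimic that.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in t):
        return False
    # Browsers treat "\" like "/", so "/\evil.example" is really "//evil.example".
    t = t.replace("\\", "/")
    parts = urlsplit(t)  # lowercases scheme and hostname for us
    if parts.scheme:
        # Only web schemes; javascript:, data:, vbscript: are never valid targets.
        if parts.scheme not in ("http", "https"):
            return False
        # .hostname drops userinfo and port, so "https://www.example.com@evil.example/"
        # yields "evil.example" and fails the exact-match allowlist. A scheme with
        # no host ("https:evil.example") yields "" and fails too.
        host = parts.hostname or ""
        return host in allowed_hosts
    # No scheme: must be a site-relative path; "//host" (protocol-relative) is not.
    if t.startswith("//") or parts.netloc:
        return False
    return t.startswith("/")


def safe_target_or_default(target: str, default: str = "/") -> str:
    """What a filter actually does with the verdict: substitute a safe
    default instead of forwarding an untrusted target."""
    return target if is_safe_redirect(target) else default


if __name__ == "__main__":
    for sample in ["/content/site/en.html", "https://www.example.com/x",
                   "//evil.example", "/\\evil.example", "%2F%2Fevil.example",
                   "https://www.example.com@evil.example/", "javascript:alert(1)",
                   "https:evil.example"]:
        print(f"{sample!r:45} -> {safe_target_or_default(sample)}")
```

The exact-match allowlist is deliberate: suffix checks such as `endswith("example.com")` are defeated by `www.example.com.evil.example`, and prefix checks by the `user@host` form shown above.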

🧯 If You Can't Patch

  • Deploy WAF or Dispatcher rules that block redirect targets containing "//", "\", non-http(s) schemes or hosts outside your allowlist; because the vulnerable parameter is not public, the rules must be broad and tested against legitimate traffic
  • Restrict and review accounts with authoring access, since any low-privilege authenticated user can craft the link

🔍 How to Verify

Check if Vulnerable:

Check the AEM version on the welcome screen or via the Felix web console at /system/console/status-productinfo (requires an admin login); versions 6.5.15.0 and earlier are vulnerable.

Check Version:

curl -sk -u admin:<password> https://<aem-host>:<port>/system/console/status-productinfo | grep 'Adobe Experience Manager'

Verify Fix Applied:

Confirm the version reported is 6.5.16.0 or later on every author and publish instance. Adobe has not published the affected endpoint or parameter, so the version check is the reliable gate; if you have identified the redirect parameter in your own testing, additionally confirm that targets such as //attacker.example and https://attacker.example/ no longer produce a 30x response with an off-site Location header.

📡 Detection & Monitoring

Log Indicators:

  • 30x responses whose Location header points to a host outside your own domains (this requires logging the Location header, e.g. a Dispatcher/httpd LogFormat that includes %{Location}o; the stock AEM access.log does not record it)
  • Repeated requests from the same user carrying URL-like query values (//host, http://...) that resolve off-site

Network Indicators:

  • HTTP 301/302 redirects from the AEM host to external domains
  • Query parameters whose values are absolute or protocol-relative URLs

SIEM Query:

Splunk-style example; the field names (uri, dest_domain) depend on how the log is parsed, and "redirect=" is a placeholder because the vulnerable parameter name is not public:

source="aem-access.log" AND (status=302 OR status=301) AND uri="*redirect=*" AND NOT dest_domain="*.<your-domain>"
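Detection logic for the indicators above, run over constructed log lines, as an added example not taken from the page or from Adobe. It assumes the Dispatcher/httpd tier logs the Location response header as a final quoted field; the site hosts, the /content/site/en/go.html path and its "target" parameter are hypothetical stand-ins, since the affected endpoint and parameter are not public.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl, unquote

# Hostnames that belong to this site; anything else is "external". Assumption per deployment.
SITE_HOSTS = {"www.example.com", "author.example.com"}
REDIRECT_STATUSES = {301, 302, 303, 307, 308}

# Constructed sample lines (not real AEM logs): Apache "combined" LogFormat with an
# extra trailing "%{Location}o" field. The go.html path and "target" parameter are
# hypothetical; Adobe has not published the affected endpoint or parameter name.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Mar/2023:10:01:02 +0000] "GET /content/site/en.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "-"
10.0.0.5 - alice [12/Mar/2023:10:01:09 +0000] "GET /content/site/en/go.html?target=%2Fcontent%2Fsite%2Fen%2Fnews.html HTTP/1.1" 302 0 "-" "Mozilla/5.0" "https://www.example.com/content/site/en/news.html"
10.0.0.9 - bob [12/Mar/2023:10:02:30 +0000] "GET /content/site/en/go.html?target=%2F%2Fattacker.example%2Flogin HTTP/1.1" 302 0 "-" "Mozilla/5.0" "https://attacker.example/login"
10.0.0.9 - bob [12/Mar/2023:10:02:41 +0000] "GET /content/site/en/go.html?target=https%3A%2F%2Fwww.example.com%40attacker.example%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0" "https://attacker.example/"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "[^"]*" "(?P<location>[^"]*)"$'
)


def external_host(url: str):
    """Host of an absolute or protocol-relative URL when it is not one of ours, else None."""
    u = unquote(url).strip().replace("\\", "/")
    if u.startswith("//"):
        u = "https:" + u  # protocol-relative URLs inherit the scheme; make them parseable
    p = urlsplit(u)
    host = p.hostname or ""  # drops userinfo, so "ours@attacker" resolves to the attacker
    if p.scheme in ("http", "https") and host and host not in SITE_HOSTS:
        return host
    return None


def scan(log_text: str):
    """One alert per request that redirected off-site or carried an off-site
    URL in any query parameter (parameter-agnostic on purpose)."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        reasons = []
        status = int(m["status"])
        location = m["location"]
        if status in REDIRECT_STATUSES and location != "-":
            host = external_host(location)
            if host:
                reasons.append(f"{status} redirect to external host {host}")
        for name, value in parse_qsl(urlsplit(m["uri"]).query, keep_blank_values=True):
            host = external_host(value)
            if host:
                reasons.append(f"query parameter {name!r} points to {host}")
        if reasons:
            alerts.append({"user": m["user"], "ip": m["ip"], "uri": m["uri"], "reasons": reasons})
    return alerts


def repeat_offenders(alerts, threshold: int = 2):
    """Users with at least `threshold` alerts: the "multiple attempts from the
    same user" indicator that separates probing from a single stray click."""
    counts = Counter(a["user"] for a in alerts)
    return {user: n for user, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for a in found:
        print(a["user"], a["ip"], a["uri"], "|", "; ".join(a["reasons"]))
    print("repeat offenders:", repeat_offenders(found))
```

Checking the request side (query values) as well as the response side (Location) matters: the Location check only works where the header is logged, while the query check still catches probing on a stock AEM access.log, and an attacker crafting the link for a phishing campaign typically tests it against their own account first.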

🔗 References

  • Adobe Security Bulletin APSB23-18: https://helpx.adobe.com/security/products/experience-manager/apsb23-18.html
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2023-22266