Adobe Experience Manager (AEM), is a comprehensive content management solution for building websites, mobile apps and forms
AEM QueryBuilder is vulnerable to Internal Path Read, which enables an attacker to see the full path to the webroot. Attackers may abuse the knowledge and use it in combination with file inclusion vulnerability to steal configuration files on the web application or the rest of the operating system.