Adobe Acs-aem-commons is a Java-based codebase of AEM/CQ code collections generated from AEM by Adobe U.S. Adobe Acs-aem-commons 5.1.x and earlier versions contain a cross-site scripting vulnerability that could be exploited by an attacker to inject malicious JavaScript content into vulnerable form fields and execute them in the context of the victim’s browser.