Lucene search
K

2788 matches found

OSV
OSV
added 2026/03/11 1:16 a.m.4 views

CVE-2026-27261

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.7AI score0.0003EPSS
Exploits0References1
NVD
NVD
added 2026/03/11 1:16 a.m.6 views

CVE-2026-27248

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00167EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 1:16 a.m.4 views

CVE-2026-27223

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.7AI score0.00167EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 12:23 a.m.18 views

CVE-2026-27255

Adobe Experience Manager 6.5.23 and earlier are affected by a stored XSS vulnerability in vulnerable form fields. A low-privilege attacker could inject JavaScript that is executed in a user’s browser when visiting the vulnerable page. Remediation referenced in multiple sources is to update to 6.5...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.4 views

CVE-2026-27223

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
CVE
CVE
added 2026/03/11 12:23 a.m.13 views

CVE-2026-27261

This CVE entry is rejected/not used per the Initial Description.

5.8AI score0.0003EPSS
Exploits0
CVE
CVE
added 2026/03/11 12:23 a.m.35 views

CVE-2026-27242

Adobe Experience Manager fixes for CVE-2026-27242: A stored XSS affecting AEM 6.5.23 and earlier. The vulnerability exists in how form field input is sanitized, allowing a low-privileged attacker to inject malicious JavaScript that executes in a user’s browser when visiting a page containing the ...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/11 12:23 a.m.5 views

EUVD-2026-11003

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 12:23 a.m.15 views

CVE-2026-27225

CVE-2026-27225 concerns Adobe Experience Manager (AEM) versions 6.5.23 and earlier, with a stored XSS vulnerability in form fields. The underlying issue is inadequate input sanitization/output encoding, allowing a low-privileged attacker to inject malicious JavaScript that may run in a victim’s b...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/11 12:23 a.m.40 views

CVE-2026-27256 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00167EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.3 views

CVE-2026-27257

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 12:23 a.m.2 views

CVE-2026-27224 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References1
HackRead
HackRead
added 2026/02/21 6:20 p.m.4 views

New ClickFix Attack Targets Crypto Wallets and 25+ Browsers with Infostealer

Researchers at CyberProof have identified a new fake captcha campaign linked to the ClickFix operation. This stealthy infostealer targets over 25 browsers, cryptocurrency wallets like MetaMask, and gaming accounts by tricking users into executing malicious PowerShell commands...

5.6AI score
Exploits0
OSV
OSV
added 2026/02/20 11:16 p.m.7 views

CVE-2019-25454

phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. Attackers can send GET requests to moadmin.php with script payloads in the collection parameter during collection...

6.1CVSS5.9AI score0.00244EPSS
Exploits1References3
NVD
NVD
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25422

Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. Attackers can submit POST requests with script payloads in the target parameter for reflected XSS or the remark parameter for stored XSS to execute...

7.2CVSS0.00348EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.4 views

CVE-2019-25422

Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. Attackers can submit POST requests with script payloads in the target parameter for reflected XSS or the remark parameter for stored XSS to execute...

6.1CVSS6AI score0.00348EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25423

Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like...

5.1CVSS5.9AI score0.00399EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.3 views

CVE-2019-25419

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the schedule endpoint. Attackers can submit POST requests with JavaScript payloads in the SCHNAME parameter to execute arbitrary code in...

5.4CVSS6AI score0.00357EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25421

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

6.1CVSS0.00399EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.4 views

CVE-2019-25417

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

6.1CVSS0.00399EPSS
Exploits1References4
Rows per page
Query Builder