Lucene search
K

25053 matches found

Cvelist
Cvelist
added 2026/03/11 12:23 a.m.36 views

CVE-2026-27257 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 12:23 a.m.2 views

CVE-2026-27257 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.3 views

CVE-2026-27257

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 12:23 a.m.6 views

EUVD-2026-11013

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 12:23 a.m.16 views

CVE-2026-27226

Adobe Experience Manager 6.5.23 and earlier are affected by a stored XSS vulnerability in vulnerable form fields. Malicious JavaScript could execute in a victim’s browser when a page with the vulnerable field is visited. The CVSS v3.1 base score is 5.4 (Medium) with AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:...

5.4CVSS5.8AI score0.00224EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.2 views

CVE-2026-27226

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/11 12:23 a.m.25 views

CVE-2026-27226 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 12:23 a.m.2 views

EUVD-2026-10961

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 12:23 a.m.13 views

CVE-2026-27253

Summary : Adobe Experience Manager (AEM) 6.5.23 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in form field input. The issue arises from insufficient input sanitization/output encoding, allowing a low-privileged attacker to inject malicious JavaScript that may execu...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/11 12:23 a.m.5 views

EUVD-2026-11006

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.2 views

CVE-2026-27253

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
CVE
CVE
added 2026/03/11 12:23 a.m.11 views

CVE-2026-27224

CVE-2026-27224 affects Adobe Experience Manager 6.5.23 and earlier, with a stored XSS vulnerability in form fields. An attacker can cause malicious JavaScript to execute in a victim’s browser when visiting a page with the vulnerable field. Remediation is available: update to a newer AEM version (...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/11 12:23 a.m.2 views

CVE-2026-27224 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 12:23 a.m.3 views

EUVD-2026-10957

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.2 views

CVE-2026-27224

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/11 12:23 a.m.36 views

CVE-2026-27250 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 12:23 a.m.10 views

CVE-2026-27250

Adobe Experience Manager (AEM) 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in form fields. The issue allows a low-privilege attacker to inject malicious scripts, which may execute in a victim’s browser when the page containing the vulnerable field is loade...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/11 12:23 a.m.1 views

CVE-2026-27250

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 12:23 a.m.3 views

EUVD-2026-10999

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 12:13 a.m.10 views

GHSA-VGH8-C6FP-7GCG Sylius has a XSS vulnerability in checkout login form

Impact A cross-site scripting XSS vulnerability exists in the shop checkout login form handled by the ApiLoginController Stimulus controller. When a login attempt fails, AuthenticationFailureHandler returns a JSON response whose message field is rendered into the DOM using innerHTML, allowing any...

5.3CVSS5.9AI score0.00179EPSS
Exploits0References3
Rows per page
Query Builder