Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from a DOM-type cross-site scripting vulnerability that can be exploited by an attacker to cause malicious script execution...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14831)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14993)

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from the vulnerability of form fields to stored cross-site scripting attacks. An attacker can exploit the vulnerability to cause...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2025-15086)

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from the vulnerability of form fields to stored cross-site scripting attacks. An attacker can exploit the vulnerability to cause...

CVE-2025-28380

A cross-site scripting XSS vulnerability in OpenC3 COSMOS before v6.0.2 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-15079)

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from the vulnerability of form fields to stored cross-site scripting attacks. An attacker can exploit the vulnerability to cause...

CVE-2025-28380

Summary of CVE-2025-28380 : OpenC3 COSMOS is affected by an XSS vulnerability that enables execution of arbitrary web scripts/HTML via a crafted payload in a URL parameter, observed in versions prior to 6.0.2. The reports consistently identify the vulnerable component as the web-facing URL parame...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14989)

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from the vulnerability of form fields to stored cross-site scripting attacks. An attacker can exploit the vulnerability to cause...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2025-14294)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

Adobe Experience Manage Cross-Site Vulnerability (CNVD-2025-16204)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14517)

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from the vulnerability of form fields to stored cross-site scripting attacks that can be exploited by an attacker to cause...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14293)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

CVE-2024-37396

A stored cross-site scripting XSS vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Notes' field of a calendar event. This could lead to the execution of malicious scripts when the...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through multiple system messages. An attacker can execute arbitrary scripts in the context of the user's browser by inserting malicious content into editable interface elements. Details Cross-site scripting or X...

WordPress WP Attachments plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress WP Attachments plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied dat...

WordPress Easy Digital Downloads plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Easy Digital Downloads plugin, which stems from the application's lack of effective filtering and escaping of...

CVE-2025-47089

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47067

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47040

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47034

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...