CVE-2026-27241

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

EUVD-2026-11011

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2026-27242

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2026-27237

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2026-27230

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2026-27226

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2026-27255 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2026-27244

Adobe Experience Manager (AEM) 6.5.x is affected by a stored Cross-Site Scripting (XSS) vulnerability in form field input. The root cause is insufficient input sanitization, allowing low-privileged attackers to inject JavaScript that executes in a victim’s browser when visiting pages containing t...

CVE-2026-27223

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2026-27223

CVE-2026-27223 affects Adobe Experience Manager (AEM) up to and including version 6.5.23. The vulnerability is a stored cross-site scripting (XSS) flaw in how user-editable form field input is sanitized and output-encoded, allowing an attacker to inject malicious JavaScript that executes in a vic...

CVE-2026-27263

This CVE ID was issued in error by its CVE Numbering Authority...

CVE-2026-27262 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2026-27242

Adobe Experience Manager fixes for CVE-2026-27242: A stored XSS affecting AEM 6.5.23 and earlier. The vulnerability exists in how form field input is sanitized, allowing a low-privileged attacker to inject malicious JavaScript that executes in a user’s browser when visiting a page containing the ...

EUVD-2026-10959

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2026-27260

This CVE ID is rejected/not used and does not represent an active vulnerability entry.

CVE-2026-27265

Adobe Experience Manager (AEM) 6.5.23 and earlier are affected by a stored Cross‑Site Scripting (XSS) vulnerability in form fields. The underlying issue is insufficient input sanitization/output escaping, allowing a low‑privileged attacker to inject malicious JavaScript that may execute in a vict...

CVE-2026-27233

CVE-2026-27233 concerns Adobe Experience Manager (AEM) 6.5.x up to 6.5.23. The issue is a stored Cross-Site Scripting (XSS) vulnerability in input processing of form fields, allowing a low-privileged attacker to inject JavaScript that could execute in a victim’s browser when loading the vulnerabl...

CVE-2026-27234

Adobe Experience Manager (AEM) versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that can be triggered when processing user input in vulnerable form fields, allowing malicious JavaScript to execute in a victim’s browser. The root cause is insufficient i...

CVE-2026-27264

Adobe Experience Manager (AEM) up to version 6.5.23 is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue can be exploited by a low-privileged, network-vector attacker who can lure a user into interacting with a page containing the vulnerable field,...

CVE-2026-27229

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...