Lucene search
+L

195 matches found

nvd
nvd
added 2 days ago5 views

CVE-2026-47994

Adobe Commerce is affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerabl...

8.7CVSS0.00883EPSS
Exploits0References1
cve
cve
added 2 days ago8 views

CVE-2026-48371

Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability. The issue allows a low-privilege attacker to inject malicious scripts into vulnerable form fields, with malicious JavaScript potentially executing in a victim’s browser when visiting the page containing the vulnerabl...

5.4CVSS6.1AI score0.00294EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2 days ago4 views

CVE-2026-48355 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager is affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the...

5.4CVSS6.1AI score0.00294EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 9:4 p.m.11 views

CVE-2026-48300

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 9:3 p.m.11 views

CVE-2026-47939

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00307EPSS
Exploits0References1
nvd
nvd
added 2026/06/09 5:17 p.m.12 views

CVE-2026-48300

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS0.00224EPSS
Exploits0References1
nvd
nvd
added 2026/06/09 5:17 p.m.10 views

CVE-2026-48304

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS0.00224EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/09 4:49 p.m.8 views

CVE-2026-47980 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/09 4:48 p.m.34 views

CVE-2026-47939 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS0.00307EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/09 4:48 p.m.37 views

CVE-2026-47942 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS0.00307EPSS
Exploits0References1
cve
cve
added 2026/06/09 4:48 p.m.24 views

CVE-2026-47966

Summary of CVE-2026-47966 : Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. When victims vis...

5.4CVSS5.5AI score0.00224EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.14 views

PT-2026-48055

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.12 views

PT-2026-48049

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00307EPSS
Exploits0References2
osv
osv
added 2026/05/12 7:50 p.m.3 views

CVE-2026-34655 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

4.8CVSS5.9AI score0.00368EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/04/14 6:0 p.m.3 views

CVE-2026-27288

Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of thi...

5.4CVSS5.8AI score0.00189EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/03/26 3:9 p.m.3 views

CVE-2026-27248

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/26 3:9 p.m.4 views

CVE-2026-27229

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/12 9:29 p.m.3 views

CVE-2026-32308 OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: "loose")

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams,...

7.6CVSS6AI score0.00224EPSS
Exploits1References1
euvd
euvd
added 2026/03/11 3:31 a.m.4 views

EUVD-2026-11066

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8CVSS5.7AI score0.00304EPSS
Exploits0References2
euvd
euvd
added 2026/03/11 3:31 a.m.5 views

EUVD-2026-10985

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
Rows per page
Query Builder