CVE-2026-34694

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

EUVD-2026-35765

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's...

CVE-2026-34694 Adobe Experience Manager Forms JEE | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

EUVD-2026-35764

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

PT-2026-48130

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when th...

Adobe Experience Manager Forms Code Execution Vulnerability

Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution...

The vulnerability of the corporate platform for creating, managing, and processing electronic forms, documents, and business processes within Adobe Experience Manager AEM Forms on JEE lies in its deserialization mechanism’s flaws, allowing attackers to execute arbitrary code.

The vulnerability of the corporate platform for creating, managing, and processing electronic forms, documents, and business processes within Adobe Experience Manager AEM Forms on JEE is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a maliciou...

J2eeFAST 跨站脚本漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . A cross-site scripting vulnerability exists in J2eeFAST version 2.6.0 and earlier versions. An attacker can exploit this...

Liima 安全漏洞

Liima is a Liima open source application. Allows you to manage the configuration of Java EE applications in an unlimited number of different environments in various versions, including automated deployment of these applications. A security vulnerability exists in versions prior to Liima 1.17.28...

OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated...

J2eeFAST SQL注入漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . J2eeFAST 2.2.1 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

Oracle WebLogic Server Remote Code Execution Vulnerability (CNVD-2020-38878)

WebLogic is an application server produced by Oracle, is a middleware based on the JAVAEE architecture , WebLogic is used to develop, integrate, deploy and manage large-scale distributed Web applications, network applications and database applications of the Java application server . A remote cod...

IBM WebSphere Application Server Memory Corruption Vulnerability

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server memory corruption vulnerability. N...

Primetek Primefaces Remote Code Execution Vulnerability

Primetek Primefaces is an open source use in the Java EE system UI library . A remote code execution vulnerability exists in version 5.x of Primetek Primefaces. A remote attacker could exploit this vulnerability to execute code...

Arbitrary File Download Vulnerability in javaee Forum System

javaee forum system is a free open source javaee forum source code system , using springMVC mybatis framework development. javaee forum system has an arbitrary file download vulnerability , an attacker can forge files through the path in the request to download the site configuration or system...

Oracle GlassFish Server Remote Security Vulnerability (CNVD-2017-00928)

Oracle GlassFish Server is the United States Oracle Oracle company's set of Java Platform, Java EE 6 specification can be realized solution. The program provides flexible, lightweight and ready to use for the development of applications Java EE 6 application server. A remote security vulnerabilit...

Redhat JBoss Enterprise Application Platform Information Disclosure Vulnerability

Red Hat JBoss Enterprise Application Platform EAP is an open source, J2EE-based middleware platform from Red Hat, Inc. that builds, deploys, and hosts Java applications and services.WildFly is an open source application server based on JavaEE. WildFly is an open source application server based on...

Red Hat Wildfly Information Disclosure Vulnerability

Red Hat Wildfly formerly known as JBoss Application Server is a U.S. Red Hat Red Hat company based on JavaEE open source application server. An information disclosure vulnerability exists in Red Hat Wildfly. An attacker could exploit this vulnerability to bypass filter restrictions...

ZvingSoft SQL Injection Vulnerability

ZvingSoft ZCMS is a set of enterprise-level web content management system CMS based on J2EE technology and AJAX technology. ZvingSoft ZCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain databas...

WebGate Control Center Multiple Control Buffer Overflow Vulnerability

WebGate is an APM solution for real-time monitoring and performance management of business-critical systems based on J2EE architecture. A buffer overflow vulnerability exists in multiple controls in WebGate Control Center, which allows attackers to exploit the vulnerability to build malicious web...