CVE-2025-46854

Adobe Experience Manager (AEM) 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue allows a low-privileged attacker to inject malicious JavaScript that may execute in a victim’s browser when visiting a page containing the vulne...

CVE-2025-46909 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46902

Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue allows a low-privileged attacker to inject malicious JavaScript, which could execute in a victim’s browser when visiting the page conta...

CVE-2025-46965 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46899

Adobe Experience Manager 6.5.22 and earlier are affected by a stored Cross‑Site Scripting (XSS) vulnerability in vulnerable form fields. A low‑privileged attacker, with user interaction, can inject malicious JavaScript executed in a victim’s browser when visiting the vulnerable page. remediation:...

CVE-2025-47005

Adobe Experience Manager 6.5.22 and earlier are affected by a stored Cross‑Site Scripting (XSS) vulnerability (CVE-2025-47005). The issue allows a low‑privileged attacker to inject malicious scripts into vulnerable form fields, with malicious JavaScript executed in a victim’s browser when visitin...

CVE-2025-46876 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47022

Adobe Experience Manager (AEM) 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) flaw in vulnerable form fields, allowing a low-privilege attacker to inject malicious JavaScript that runs in a victim’s browser when visiting the page containing the field. The issue is document...

CVE-2025-47048

Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. A low-privileged attacker can inject malicious scripts, which may execute in a victim’s browser when visiting a page containing the vulnerable fi...

CVE-2025-47048 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47069 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46916

Adobe Experience Manager (AEM) 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The underlying issue allows a low-privileged attacker to inject malicious scripts, which may execute in the victim’s browser when visiting a page containi...

CVE-2025-46916 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46946

Adobe Experience Manager 6.5.22 and earlier are affected by a stored XSS vulnerability in vulnerable form fields. A low-privileged attacker could inject malicious JavaScript that executes in a victim’s browser when visiting a page containing the field. Remediation per APSB25-48 is to apply Adobe’...

CVE-2025-47031 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47000 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46970 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46886

Adobe Experience Manager (AEM) 6.5.22 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. Exploitation could allow a low-privileged attacker to inject malicious scripts that run in a victim’s browser after visiting a page with the vulnerable fie...

CVE-2025-46920 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46875 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...