CVE-2025-46849

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

PT-2025-6362 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier Description: The issue is related to an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker...

PT-2025-6358 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier Description: The issue is related to an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker...

PT-2023-4024 · Oracle · Oracle Hyperion Workspace

Name of the Vulnerable Software and Affected Versions: Oracle Hyperion Workspace version 11.2.13.0.000 Description: The issue is related to insecure privilege management in the UI and Visualization component of Oracle Hyperion Workspace. It allows a low-privileged attacker with network access via...

PT-2023-22062 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 20.2R3-S5 through 20.2R3-S6 Juniper Networks Junos OS versions 20.3R3-S2 through 20.3R3-S5 Juniper Networks Junos OS versions 20.4R3-S1 through 20.4R3-S4 Juniper Networks Junos OS versions 21.1R3 through...