3249 matches found
CVE-2025-47090
Summary of CVE-2025-47090 (Adobe Experience Manager) : A stored Cross-Site Scripting (XSS) vulnerability affects AEM versions 6.5.22 and earlier, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When victims visit a page containing the vulnerable field, ...
CVE-2025-47084
Adobe Experience Manager (AEM) 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue allows a low-privilege attacker to inject malicious JavaScript, which may execute in a victim’s browser when visiting a page containing the vuln...
CVE-2025-47002 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47002
CVE-2025-47002 is an XSS vulnerability affecting Adobe Experience Manager 6.5.22 and earlier. The stored XSS occurs in vulnerable form fields, allowing a low-privileged attacker to inject malicious scripts that execute in a victim’s browser when visiting the affected page. The CVE is documented w...
CVE-2025-46967 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47089 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47089
Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a stored Cross‑Site Scripting (XSS) vulnerability due to improper validation of user input in form fields. An attacker with low privileges could inject malicious scripts, which may execute in a victim’s browser when visiti...
CVE-2025-46967
Summary: CVE-2025-46967 affects Adobe Experience Manager (AEM) 6.5.22 and earlier. Vulnerability: stored Cross-Site Scripting (XSS) in vulnerable form fields allows a low-privileged attacker to inject JavaScript, which executes in a victim’s browser when visiting the affected page. Impact (as sta...
CVE-2025-47089 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46873 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46963
Adobe Experience Manager (AEM) prior to 6.5.23 (6.5.22 and earlier) is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The root cause is input handling that allows attackers with low privileges to inject and execute malicious JavaScript in victims’ browser...
CVE-2025-47068 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46891 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47068 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47068
CVE-2025-47068 affects Adobe Experience Manager (AEM) versions 6.5.22 and earlier. The vulnerability is a stored Cross-Site Scripting (XSS) in vulnerable form fields, allowing a low-privileged attacker to inject malicious scripts that execute in a victim’s browser when visiting the affected page....
CVE-2025-47000 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47000
CVE-2025-47000 affects Adobe Experience Manager up to version 6.5.22 (and earlier). The issue is a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields that allows a low-privileged attacker to inject malicious JavaScript, which is executed in a victim’s browser when visiting ...
CVE-2025-47042
Adobe Experience Manager (AEM) 6.5.22 and earlier is affected by a stored XSS vulnerability in vulnerable form fields. A low-privileged attacker can inject malicious scripts, potentially resulting in JavaScript execution in a victim’s browser when visiting the affected page. The issue is document...
CVE-2025-46859 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46859 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...