CVE-2025-47010

Adobe Experience Manager (AEM) 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue allows a low-privileged attacker to inject malicious JavaScript, which can execute in a victim’s browser when visiting the page containing the v...

CVE-2025-46968 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46968

Adobe Experience Manager (AEM) prior to 6.5.23 (6.5.22 and earlier) is affected by a stored Cross‑Site Scripting (XSS) vulnerability in vulnerable form fields that could enable a low‑privilege attacker to inject malicious JavaScript, executed in a victim’s browser when visiting the page containin...

CVE-2025-46844

Adobe Experience Manager CVE-2025-46844 affects AEM 6.5.22 and earlier with a stored XSS in vulnerable form fields. Exploitation by a low-privileged user who can cause a victim’s browser to execute malicious JavaScript when visiting a page containing the vulnerable field is described in multiple ...

CVE-2025-46907 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46907 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46907

Affected software: Adobe Experience Manager (AEM) version 6.5.22 and earlier. Vulnerability: Stored Cross-Site Scripting (XSS) in vulnerable form fields that could allow a low-privileged attacker to inject malicious scripts, which execute in a victim’s browser when visiting pages containing the v...

CVE-2025-46853

Adobe Experience Manager CVE-2025-46853 describes a stored Cross-Site Scripting (XSS) vulnerability affecting AEM 6.5.22 and earlier. The issue allows a low-privileged attacker to inject malicious scripts into vulnerable form fields, with malicious JavaScript executed in a victim’s browser when v...

CVE-2025-46853 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46930 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46930 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46972 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46984 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46984

CVE-2025-46984: Stored XSS in Adobe Experience Manager (AEM) 6.5.22 and earlier. Low-privileged attacker could inject scripts into vulnerable form fields; malicious JavaScript could execute in a victim’s browser. Affected products: AEM 6.5.x (pre-6.5.23). Mitigation: apply APSB25-48 updates/patch...

CVE-2025-46972

Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a stored XSS vulnerability in vulnerable form fields. A low-privileged attacker could inject malicious JavaScript, which may execute in a victim’s browser when visiting the page containing the field. Remediation per APSB25...

CVE-2025-47051 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-47051

CVE-2025-47051 affects Adobe Experience Manager (AEM) 6.5.22 and older, with a stored Cross-Site Scripting (XSS) vulnerability that could allow a low-privilege attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may execute in a victim’s browser when loading a p...

CVE-2025-46881 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-46881

CVE-2025-46881 : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability. A low-privilege attacker could inject malicious scripts into vulnerable form fields, with the malicious JavaScript potentially executing in the victim’s browser...

CVE-2025-46881 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...