CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3249 matches found

CVE•added 2025/06/10 10:17 p.m.•48 views

CVE-2025-46973

Adobe Experience Manager (AEM) 6.5.22 and earlier has a stored Cross-Site Scripting (XSS) vulnerability (CVE-2025-46973). The issue allows a low-privileged attacker to inject malicious scripts into vulnerable form fields, with malicious JavaScript executed in a victim’s browser when visiting the ...

5.4CVSS5AI score0.00293EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/06/10 10:17 p.m.•2 views

CVE-2025-46960 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.4AI score0.00268EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:17 p.m.•6 views

CVE-2025-46934 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00293EPSS

Exploits0References1

CVE•added 2025/06/10 10:17 p.m.•50 views

CVE-2025-46934

CVE-2025-46934 affects Adobe Experience Manager versions 6.5.22 and earlier. The issue is a stored XSS in vulnerable form fields, allowing a low-privileged attacker to inject malicious JavaScript which runs in a victim’s browser when visiting the affected page. Exploitation details and impact are...

5.4CVSS5AI score0.00293EPSS

Exploits0References1Affected Software1

CVE•added 2025/06/10 10:17 p.m.•46 views

CVE-2025-46960

Adobe Experience Manager 6.5.22 and earlier are affected by a stored XSS vulnerability (CVE-2025-46960). The issue allows a low-privileged attacker to inject malicious scripts into vulnerable form fields, with JavaScript potentially executing in a victim’s browser when visiting the page containin...

5.4CVSS5AI score0.00268EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/06/10 10:17 p.m.•2 views

CVE-2025-47035 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.4AI score0.00273EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:17 p.m.•2 views

CVE-2025-46912 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.4AI score0.00293EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:17 p.m.•5 views

CVE-2025-46912 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00293EPSS

Exploits0References1

CVE•added 2025/06/10 10:17 p.m.•45 views

CVE-2025-46912

Adobe Experience Manager (AEM) 6.5.22 and earlier are affected by a stored XSS vulnerability (CVE-2025-46912) that low-privileged attackers can abuse to inject JavaScript into vulnerable form fields, potentially executing in victims’ browsers. Linked sources note additional XSS variants (reflecte...

5.4CVSS5AI score0.00293EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/06/10 10:17 p.m.•4 views

CVE-2025-46862 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00253EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:17 p.m.•3 views

CVE-2025-46862 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.4AI score0.00253EPSS

Exploits0References1

CVE•added 2025/06/10 10:17 p.m.•46 views

CVE-2025-46862

Adobe Experience Manager (AEM) 6.5.22 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. A low-privilege attacker could inject malicious JavaScript, which may execute in a victim’s browser when they visit the affected page; exploitation require...

5.4CVSS5AI score0.00253EPSS

Exploits0References1Affected Software1

OSV•added 2025/06/10 6:32 p.m.•3 views

GHSA-J934-VJH5-VF9R Magneto contains stored XSS vulnerability

Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a...

9.1CVSS5.4AI score0.007EPSS

Exploits0References3

NVD•added 2025/06/10 6:15 p.m.•7 views

CVE-2024-37394

A stored cross-site scripting XSS vulnerability in the Project Dashboards of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Dashboard title' and 'Dashboard content' text boxes. This can lead to the execution of malicious...

5.4CVSS0.004EPSS

Exploits1References3

NVD•added 2025/06/10 4:15 p.m.•11 views

CVE-2025-47110

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in ...

8.4CVSS0.007EPSS

Exploits0References1

OSV•added 2025/06/10 4:15 p.m.•3 views

CVE-2025-47110

8.4CVSS8.1AI score

Exploits0References1

Vulnrichment•added 2025/06/10 4:8 p.m.•5 views

CVE-2025-47110 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

8.4CVSS8.2AI score0.007EPSS

Exploits0References1

CVE•added 2025/06/10 4:8 p.m.•104 views

CVE-2025-47110

CVE-2025-47110 is a stored XSS vulnerability in Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier. The issue allows a high-privileged attacker to inject malicious scripts into vulnerable form fields, with JavaScript execution in users’ browsers when visiting the...

8.4CVSS8.2AI score0.007EPSS

Exploits0References1Affected Software1

NVD•added 2025/06/10 1:15 a.m.•8 views

CVE-2025-23192

SAP BusinessObjects Business Intelligence BI Workspace allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session...

8.2CVSS0.00335EPSS

Exploits0References2

Positive Technologies•added 2025/06/10 12:0 a.m.•4 views

PT-2025-25028 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: The issue is a stored Cross-Site Scripting XSS vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. When ...

5.4CVSS5.1AI score0.00293EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by