107 matches found
CVE-2026-48258
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
CVE-2026-47989
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
EUVD-2026-35763
Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when th...
CVE-2026-47980
Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored XSS vulnerability. The issue allows a low-privileged attacker to inject malicious scripts into vulnerable form fields, with execution of JavaScript when a user visits the page containing the vuln...
CVE-2026-47945 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...
CVE-2026-47985 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
CVE-2026-48251 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
CVE-2026-47956 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...
CVE-2026-48258
CVE-2026-48258 affects Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier. The issue is a DOM-based XSS vulnerability where an attacker can leverage DOM manipulation to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction (the victim mus...
CVE-2026-47970
Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability. A low-privileged attacker can abuse vulnerable form fields to inject malicious scripts, which may execute in a victim’s browser when visiting the page co...
CVE-2026-47957
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse ...
CVE-2026-47986
CVE-2026-47986 affects Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier. It is a DOM-based Cross‑Site Scripting (XSS) vulnerability where an attacker can cause malicious JavaScript to run in a victim’s browser by manipulating the DOM; exploitation requires the user to visit ...
CVE-2026-48304
Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability. A low-privileged attacker can abuse vulnerable form fields to inject malicious JavaScript, which may execute in a victim’s browser when visiting the page...
PT-2026-48260
Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 and 26.001.21651 and earlier Description An Uncontrolled Search Path Element issue exists where the application does not properly validate the paths used to search for files. This can lead to arbitrary code...
PT-2026-48079
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
PT-2026-48051
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...
PT-2026-48083
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
PT-2026-48048
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...
PT-2026-48226
Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this...
PT-2026-48089
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...