2 matches found
EUVD-2026-11066
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...
CVE-2025-46856
Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a DOM-based XSS vulnerability. The issue allows a low-privileged attacker to manipulate the DOM to execute malicious JavaScript in a victim’s browser, with exploitation requiring user interaction (victim visits a crafted p...