Experience Manager Security Vulnerabilities and Issues — Page 12 of Experience Manager CVE List

Lucene search

AdobeExperience Manager

933 matches found

CVE•added 2025/06/10 11:15 p.m.•38 views

CVE-2025-47092

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5AI score0.00041EPSS

CVE•added 2017/12/09 6:29 a.m.•37 views

CVE-2017-3111

An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances.

7.5CVSS7.4AI score0.09607EPSS

CVE•added 2020/09/10 5:15 p.m.•37 views

CVE-2020-9736

AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be...

6.8CVSS5.3AI score0.0209EPSS

CVE•added 2020/09/10 5:15 p.m.•37 views

CVE-2020-9740

AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Design Importer. These scripts may be executed in a...

9CVSS5.6AI score0.00658EPSS

CVE•added 2020/09/10 5:15 p.m.•37 views

CVE-2020-9742

AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below) and 6.3.3.8 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Inbox calendar feature. These scripts may be executed in a victim’s browser wh...

9CVSS5.6AI score0.00872EPSS

CVE•added 2020/09/10 5:15 p.m.•37 views

CVE-2020-9743

AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by an HTML injection vulnerability in the content editor component that allows unauthenticated users to craft an HTTP request that includes arbitrary HTML code in a parameter value....

6.1CVSS6.1AI score0.03316EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48576

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.1AI score0.00319EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48585

5.4CVSS5.3AI score0.00289EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48586

5.4CVSS5.1AI score0.00289EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48597

5.4CVSS5.1AI score0.00289EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48611

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.2AI score0.00964EPSS

CVE•added 2023/12/15 11:15 a.m.•37 views

CVE-2023-48621

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the v...

5.4CVSS5.1AI score0.01075EPSS

CVE•added 2023/12/20 2:15 p.m.•37 views

CVE-2023-51461

5.4CVSS5.3AI score0.0017EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-43726

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.5AI score0.0006EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-43730

5.4CVSS5.5AI score0.0006EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-43745

Adobe Experience Manager versions 6.5.21 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

5.4CVSS5.9AI score0.0006EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-52816

5.4CVSS5.5AI score0.0006EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-52824

5.4CVSS5.5AI score0.0006EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-52828

5.4CVSS5.5AI score0.0006EPSS

CVE•added 2024/12/10 10:15 p.m.•37 views

CVE-2024-52830

5.4CVSS5.5AI score0.0006EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46843

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46848

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46879

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46888

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46890

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46891

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46905

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46914

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46934

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46992

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-46999

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47038

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47047

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47049

Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue ...

6.1CVSS5.8AI score0.00098EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47052

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47057

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47063

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47073

5.4CVSS5AI score0.00041EPSS

CVE•added 2025/06/10 11:15 p.m.•37 views

CVE-2025-47114

5.4CVSS5AI score0.00041EPSS

CVE•added 2016/12/15 6:59 a.m.•36 views

CVE-2016-7885

Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.

8.8CVSS8.5AI score0.0118EPSS

CVE•added 2018/10/17 6:29 p.m.•36 views

CVE-2018-15970

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.01145EPSS

CVE•added 2018/10/17 6:29 p.m.•36 views

CVE-2018-15972

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.00982EPSS

CVE•added 2023/12/15 11:15 a.m.•36 views

CVE-2023-48445

5.4CVSS5.2AI score0.00205EPSS

CVE•added 2023/12/15 11:15 a.m.•36 views

CVE-2023-48521

5.4CVSS5.1AI score0.00229EPSS

CVE•added 2023/12/15 11:15 a.m.•36 views

CVE-2023-48531

5.4CVSS5.1AI score0.00205EPSS

CVE•added 2023/12/15 11:15 a.m.•36 views

CVE-2023-48549