Adobe Experience Manager vulnerabilities
966 known vulnerabilities affecting adobe/adobe_experience_manager.
Total CVEs
966
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH14MEDIUM936LOW8
Vulnerabilities
Page 10 of 49
CVE-2025-49534MEDIUMCVSS 5.4≤ FP11.42025-07-08
CVE-2025-49534 [MEDIUM] CWE-79 CVE-2025-49534: Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XS
Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope i
cvelistv5nvd
CVE-2025-49547MEDIUMCVSS 5.4≤ FP11.42025-07-08
CVE-2025-49547 [MEDIUM] CWE-79 CVE-2025-49547: Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XS
Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope i
cvelistv5nvd
CVE-2025-46840HIGHCVSS 8.7≤ 6.5.222025-06-10
CVE-2025-46840 [HIGH] CWE-285 CVE-2025-46840: Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulne
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction. A successful attacker can abu
cvelistv5nvd
CVE-2025-46837HIGHCVSS 8.7≤ 6.5.222025-06-10
CVE-2025-46837 [HIGH] CWE-79 CVE-2025-46837: Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scriptin
Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A su
cvelistv5nvd
CVE-2025-47075MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-47075 [MEDIUM] CWE-79 CVE-2025-47075: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46906MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46906 [MEDIUM] CWE-79 CVE-2025-46906: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-47090MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-47090 [MEDIUM] CWE-79 CVE-2025-47090: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-47004MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-47004 [MEDIUM] CWE-79 CVE-2025-47004: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46984MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46984 [MEDIUM] CWE-79 CVE-2025-46984: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46957MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46957 [MEDIUM] CWE-79 CVE-2025-46957: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46918MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46918 [MEDIUM] CWE-79 CVE-2025-46918: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46844MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46844 [MEDIUM] CWE-79 CVE-2025-46844: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46865MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46865 [MEDIUM] CWE-79 CVE-2025-46865: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-47074MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-47074 [MEDIUM] CWE-79 CVE-2025-47074: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46879MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46879 [MEDIUM] CWE-79 CVE-2025-46879: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46891MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46891 [MEDIUM] CWE-79 CVE-2025-46891: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-47093MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-47093 [MEDIUM] CWE-79 CVE-2025-47093: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46877MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46877 [MEDIUM] CWE-79 CVE-2025-46877: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-47052MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-47052 [MEDIUM] CWE-79 CVE-2025-47052: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-46850MEDIUMCVSS 5.4≤ 6.5.222025-06-10
CVE-2025-46850 [MEDIUM] CWE-79 CVE-2025-46850: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd