Adobe Experience Manager vulnerabilities

962 known vulnerabilities affecting adobe/adobe_experience_manager.

Total CVEs

962

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH14MEDIUM932LOW8

Vulnerabilities

Page 15 of 49

CVE-2025-46859MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46859 [MEDIUM] CWE-79 CVE-2025-46859: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47030MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47030 [MEDIUM] CWE-79 CVE-2025-47030: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47115MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47115 [MEDIUM] CWE-79 CVE-2025-47115: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47016MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47016 [MEDIUM] CWE-79 CVE-2025-47016: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46842MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46842 [MEDIUM] CWE-79 CVE-2025-46842: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47076MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47076 [MEDIUM] CWE-79 CVE-2025-47076: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47065MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47065 [MEDIUM] CWE-79 CVE-2025-47065: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47084MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47084 [MEDIUM] CWE-79 CVE-2025-47084: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47113MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47113 [MEDIUM] CWE-79 CVE-2025-47113: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46854MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46854 [MEDIUM] CWE-79 CVE-2025-46854: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47040MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47040 [MEDIUM] CWE-79 CVE-2025-47040: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46846MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46846 [MEDIUM] CWE-79 CVE-2025-46846: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47002MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47002 [MEDIUM] CWE-79 CVE-2025-47002: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46970MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46970 [MEDIUM] CWE-79 CVE-2025-46970: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46882MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46882 [MEDIUM] CWE-79 CVE-2025-46882: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47071MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47071 [MEDIUM] CWE-79 CVE-2025-47071: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46901MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46901 [MEDIUM] CWE-79 CVE-2025-46901: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46888MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46888 [MEDIUM] CWE-79 CVE-2025-46888: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47012MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47012 [MEDIUM] CWE-79 CVE-2025-47012: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46873MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46873 [MEDIUM] CWE-79 CVE-2025-46873: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous15 / 49Next →