Adobe Experience Manager vulnerabilities

962 known vulnerabilities affecting adobe/adobe_experience_manager.

Total CVEs

962

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH14MEDIUM932LOW8

Vulnerabilities

Page 20 of 49

CVE-2025-47033MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47033 [MEDIUM] CWE-79 CVE-2025-47033: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46973MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46973 [MEDIUM] CWE-79 CVE-2025-46973: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46950MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46950 [MEDIUM] CWE-79 CVE-2025-46950: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46858MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46858 [MEDIUM] CWE-79 CVE-2025-46858: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46976MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46976 [MEDIUM] CWE-79 CVE-2025-46976: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47075MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47075 [MEDIUM] CWE-79 CVE-2025-47075: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47035MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47035 [MEDIUM] CWE-79 CVE-2025-47035: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47083MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47083 [MEDIUM] CWE-79 CVE-2025-47083: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47006MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47006 [MEDIUM] CWE-79 CVE-2025-47006: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46964MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46964 [MEDIUM] CWE-79 CVE-2025-46964: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47116MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47116 [MEDIUM] CWE-79 CVE-2025-47116: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47067MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47067 [MEDIUM] CWE-79 CVE-2025-47067: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47089MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47089 [MEDIUM] CWE-79 CVE-2025-47089: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46967MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46967 [MEDIUM] CWE-79 CVE-2025-46967: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46924MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46924 [MEDIUM] CWE-79 CVE-2025-46924: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47070MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47070 [MEDIUM] CWE-79 CVE-2025-47070: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46978MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46978 [MEDIUM] CWE-79 CVE-2025-46978: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46913MEDIUMCVSS 4.8≤ 6.5.222025-06-10

CVE-2025-46913 [MEDIUM] CWE-79 CVE-2025-46913: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47011MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-47011 [MEDIUM] CWE-79 CVE-2025-47011: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46995MEDIUMCVSS 5.4≤ 6.5.222025-06-10

CVE-2025-46995 [MEDIUM] CWE-79 CVE-2025-46995: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous20 / 49Next →