Adobe Experience Manager vulnerabilities
961 known vulnerabilities affecting adobe/adobe_experience_manager.
Total CVEs
961
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH14MEDIUM932LOW8
Vulnerabilities
Page 3 of 49
CVE-2025-64581MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64581 [MEDIUM] CWE-79 CVE-2025-64581: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64791MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64791 [MEDIUM] CWE-79 CVE-2025-64791: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64577MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64577 [MEDIUM] CWE-79 CVE-2025-64577: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64593MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64593 [MEDIUM] CWE-79 CVE-2025-64593: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64548MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64548 [MEDIUM] CWE-79 CVE-2025-64548: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64554MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64554 [MEDIUM] CWE-79 CVE-2025-64554: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64551MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64551 [MEDIUM] CWE-79 CVE-2025-64551: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64822MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64822 [MEDIUM] CWE-79 CVE-2025-64822: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64596MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64596 [MEDIUM] CWE-79 CVE-2025-64596: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64840MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64840 [MEDIUM] CWE-79 CVE-2025-64840: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64626MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64626 [MEDIUM] CWE-79 CVE-2025-64626: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64597MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64597 [MEDIUM] CWE-79 CVE-2025-64597: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64555MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64555 [MEDIUM] CWE-79 CVE-2025-64555: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64850MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64850 [MEDIUM] CWE-79 CVE-2025-64850: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64793MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64793 [MEDIUM] CWE-79 CVE-2025-64793: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64565MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64565 [MEDIUM] CWE-79 CVE-2025-64565: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64825MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64825 [MEDIUM] CWE-79 CVE-2025-64825: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64549MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64549 [MEDIUM] CWE-79 CVE-2025-64549: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64804MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64804 [MEDIUM] CWE-79 CVE-2025-64804: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64543MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64543 [MEDIUM] CWE-79 CVE-2025-64543: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd