Adobe Experience Manager vulnerabilities
966 known vulnerabilities affecting adobe/adobe_experience_manager.
Total CVEs
966
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH14MEDIUM936LOW8
Vulnerabilities
Page 4 of 49
CVE-2025-64576MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64576 [MEDIUM] CWE-79 CVE-2025-64576: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64857MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64857 [MEDIUM] CWE-79 CVE-2025-64857: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64599MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64599 [MEDIUM] CWE-79 CVE-2025-64599: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64553MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64553 [MEDIUM] CWE-79 CVE-2025-64553: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64616MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64616 [MEDIUM] CWE-79 CVE-2025-64616: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64845MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64845 [MEDIUM] CWE-79 CVE-2025-64845: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64560MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64560 [MEDIUM] CWE-79 CVE-2025-64560: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64627MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64627 [MEDIUM] CWE-79 CVE-2025-64627: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64579MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64579 [MEDIUM] CWE-79 CVE-2025-64579: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64852MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64852 [MEDIUM] CWE-79 CVE-2025-64852: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64550MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64550 [MEDIUM] CWE-79 CVE-2025-64550: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64801MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64801 [MEDIUM] CWE-79 CVE-2025-64801: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64620MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64620 [MEDIUM] CWE-79 CVE-2025-64620: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64790MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64790 [MEDIUM] CWE-79 CVE-2025-64790: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64591MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64591 [MEDIUM] CWE-79 CVE-2025-64591: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64544MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64544 [MEDIUM] CWE-79 CVE-2025-64544: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64575MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64575 [MEDIUM] CWE-79 CVE-2025-64575: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64574MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64574 [MEDIUM] CWE-79 CVE-2025-64574: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64622MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64622 [MEDIUM] CWE-79 CVE-2025-64622: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64559MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64559 [MEDIUM] CWE-79 CVE-2025-64559: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd