Adobe Experience Manager vulnerabilities
966 known vulnerabilities affecting adobe/adobe_experience_manager.
Total CVEs
966
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH14MEDIUM936LOW8
Vulnerabilities
Page 5 of 49
CVE-2025-64614MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64614 [MEDIUM] CWE-79 CVE-2025-64614: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64858MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64858 [MEDIUM] CWE-79 CVE-2025-64858: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64590MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64590 [MEDIUM] CWE-79 CVE-2025-64590: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64602MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64602 [MEDIUM] CWE-79 CVE-2025-64602: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64820MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64820 [MEDIUM] CWE-79 CVE-2025-64820: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64794MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64794 [MEDIUM] CWE-79 CVE-2025-64794: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64888MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64888 [MEDIUM] CWE-79 CVE-2025-64888: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64823MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64823 [MEDIUM] CWE-79 CVE-2025-64823: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64872MEDIUMCVSS 4.8≤ 6.5.232025-12-10
CVE-2025-64872 [MEDIUM] CWE-79 CVE-2025-64872: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64557MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64557 [MEDIUM] CWE-79 CVE-2025-64557: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64615MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64615 [MEDIUM] CWE-79 CVE-2025-64615: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64546MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64546 [MEDIUM] CWE-79 CVE-2025-64546: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64598MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64598 [MEDIUM] CWE-79 CVE-2025-64598: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64800MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64800 [MEDIUM] CWE-79 CVE-2025-64800: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64802MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64802 [MEDIUM] CWE-79 CVE-2025-64802: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64563MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64563 [MEDIUM] CWE-79 CVE-2025-64563: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64556MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64556 [MEDIUM] CWE-79 CVE-2025-64556: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64821MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64821 [MEDIUM] CWE-79 CVE-2025-64821: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64545MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64545 [MEDIUM] CWE-79 CVE-2025-64545: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64594MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64594 [MEDIUM] CWE-79 CVE-2025-64594: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd