Adobe Experience Manager vulnerabilities

962 known vulnerabilities affecting adobe/adobe_experience_manager.

Total CVEs

962

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH14MEDIUM932LOW8

Vulnerabilities

Page 5 of 49

CVE-2025-64597MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64597 [MEDIUM] CWE-79 CVE-2025-64597: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64605MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64605 [MEDIUM] CWE-79 CVE-2025-64605: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64549MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64549 [MEDIUM] CWE-79 CVE-2025-64549: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64554MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64554 [MEDIUM] CWE-79 CVE-2025-64554: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64789MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64789 [MEDIUM] CWE-79 CVE-2025-64789: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64863MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64863 [MEDIUM] CWE-79 CVE-2025-64863: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64793MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64793 [MEDIUM] CWE-79 CVE-2025-64793: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64839MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64839 [MEDIUM] CWE-79 CVE-2025-64839: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64578MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64578 [MEDIUM] CWE-79 CVE-2025-64578: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64817MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64817 [MEDIUM] CWE-79 CVE-2025-64817: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64572MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64572 [MEDIUM] CWE-79 CVE-2025-64572: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64580MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64580 [MEDIUM] CWE-79 CVE-2025-64580: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64623MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64623 [MEDIUM] CWE-79 CVE-2025-64623: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64852MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64852 [MEDIUM] CWE-79 CVE-2025-64852: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64792MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64792 [MEDIUM] CWE-79 CVE-2025-64792: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64615MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64615 [MEDIUM] CWE-79 CVE-2025-64615: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64873MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64873 [MEDIUM] CWE-79 CVE-2025-64873: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64881MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64881 [MEDIUM] CWE-79 CVE-2025-64881: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64601MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64601 [MEDIUM] CWE-79 CVE-2025-64601: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-64627MEDIUMCVSS 5.4≤ 6.5.232025-12-10

CVE-2025-64627 [MEDIUM] CWE-79 CVE-2025-64627: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous5 / 49Next →