Adobe Experience Manager vulnerabilities
966 known vulnerabilities affecting adobe/adobe_experience_manager.
Total CVEs
966
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH14MEDIUM936LOW8
Vulnerabilities
Page 6 of 49
CVE-2025-64853MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64853 [MEDIUM] CWE-79 CVE-2025-64853: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64841MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64841 [MEDIUM] CWE-79 CVE-2025-64841: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64600MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64600 [MEDIUM] CWE-79 CVE-2025-64600: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64827MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64827 [MEDIUM] CWE-79 CVE-2025-64827: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64839MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64839 [MEDIUM] CWE-79 CVE-2025-64839: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64564MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64564 [MEDIUM] CWE-79 CVE-2025-64564: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64799MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64799 [MEDIUM] CWE-79 CVE-2025-64799: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64566MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64566 [MEDIUM] CWE-79 CVE-2025-64566: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64833MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64833 [MEDIUM] CWE-79 CVE-2025-64833: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64558MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64558 [MEDIUM] CWE-79 CVE-2025-64558: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64869MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64869 [MEDIUM] CWE-79 CVE-2025-64869: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64826MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64826 [MEDIUM] CWE-79 CVE-2025-64826: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64814MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64814 [MEDIUM] CWE-79 CVE-2025-64814: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64803MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64803 [MEDIUM] CWE-79 CVE-2025-64803: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64861MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64861 [MEDIUM] CWE-79 CVE-2025-64861: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64605MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64605 [MEDIUM] CWE-79 CVE-2025-64605: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64808MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64808 [MEDIUM] CWE-79 CVE-2025-64808: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64789MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64789 [MEDIUM] CWE-79 CVE-2025-64789: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64863MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64863 [MEDIUM] CWE-79 CVE-2025-64863: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64607MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64607 [MEDIUM] CWE-79 CVE-2025-64607: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd