Adobe Experience Manager vulnerabilities
966 known vulnerabilities affecting adobe/adobe_experience_manager.
Total CVEs
966
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH14MEDIUM936LOW8
Vulnerabilities
Page 7 of 49
CVE-2025-64578MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64578 [MEDIUM] CWE-79 CVE-2025-64578: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64562MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64562 [MEDIUM] CWE-79 CVE-2025-64562: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64817MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64817 [MEDIUM] CWE-79 CVE-2025-64817: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64572MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64572 [MEDIUM] CWE-79 CVE-2025-64572: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64601MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64601 [MEDIUM] CWE-79 CVE-2025-64601: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64580MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64580 [MEDIUM] CWE-79 CVE-2025-64580: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64623MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64623 [MEDIUM] CWE-79 CVE-2025-64623: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64541MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64541 [MEDIUM] CWE-79 CVE-2025-64541: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64613MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64613 [MEDIUM] CWE-79 CVE-2025-64613: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64792MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64792 [MEDIUM] CWE-79 CVE-2025-64792: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64847MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64847 [MEDIUM] CWE-79 CVE-2025-64847: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64873MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64873 [MEDIUM] CWE-79 CVE-2025-64873: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64881MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64881 [MEDIUM] CWE-79 CVE-2025-64881: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64829MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64829 [MEDIUM] CWE-79 CVE-2025-64829: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64612MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64612 [MEDIUM] CWE-79 CVE-2025-64612: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64611MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64611 [MEDIUM] CWE-79 CVE-2025-64611: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64569MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64569 [MEDIUM] CWE-79 CVE-2025-64569: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin
Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
cvelistv5nvd
CVE-2025-64619MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64619 [MEDIUM] CWE-79 CVE-2025-64619: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64609MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64609 [MEDIUM] CWE-79 CVE-2025-64609: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd
CVE-2025-64585MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64585 [MEDIUM] CWE-79 CVE-2025-64585: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
cvelistv5nvd