cbcvebase.

Adobe Experience Manager vulnerabilities

962 known vulnerabilities affecting adobe/adobe_experience_manager.

Total CVEs
962
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH14MEDIUM932LOW8

Vulnerabilities

Page 7 of 49
CVE-2025-64566MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64566 [MEDIUM] CWE-79 CVE-2025-64566: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
nvd
CVE-2025-64582MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64582 [MEDIUM] CWE-79 CVE-2025-64582: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64799MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64799 [MEDIUM] CWE-79 CVE-2025-64799: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64887MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64887 [MEDIUM] CWE-79 CVE-2025-64887: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
nvd
CVE-2025-64875MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64875 [MEDIUM] CWE-79 CVE-2025-64875: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64611MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64611 [MEDIUM] CWE-79 CVE-2025-64611: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64803MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64803 [MEDIUM] CWE-79 CVE-2025-64803: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64553MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64553 [MEDIUM] CWE-79 CVE-2025-64553: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64545MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64545 [MEDIUM] CWE-79 CVE-2025-64545: Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scriptin Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute malicious scripts in the context of the victim's browser. Exploitation of this issue requires user interaction, such as visiting a crafted URL or interacting with a m
nvd
CVE-2025-64829MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64829 [MEDIUM] CWE-79 CVE-2025-64829: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64613MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64613 [MEDIUM] CWE-79 CVE-2025-64613: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64821MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64821 [MEDIUM] CWE-79 CVE-2025-64821: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64609MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64609 [MEDIUM] CWE-79 CVE-2025-64609: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64590MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64590 [MEDIUM] CWE-79 CVE-2025-64590: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64861MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64861 [MEDIUM] CWE-79 CVE-2025-64861: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64585MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64585 [MEDIUM] CWE-79 CVE-2025-64585: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64794MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64794 [MEDIUM] CWE-79 CVE-2025-64794: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64797MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64797 [MEDIUM] CWE-79 CVE-2025-64797: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64558MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64558 [MEDIUM] CWE-79 CVE-2025-64558: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2025-64808MEDIUMCVSS 5.4≤ 6.5.232025-12-10
CVE-2025-64808 [MEDIUM] CWE-79 CVE-2025-64808: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
← Previous7 / 49Next →
Adobe Experience Manager vulnerabilities | cvebase