Adobe Experience Manager vulnerabilities
1,088 known vulnerabilities affecting adobe/experience_manager.
Total CVEs
1,088
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL11HIGH27MEDIUM1042LOW8
Vulnerabilities
Page 1 of 55
CVE-2026-27228MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27228 [MEDIUM] CWE-79 CVE-2026-27228: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27231MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27231 [MEDIUM] CWE-79 CVE-2026-27231: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27233MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27233 [MEDIUM] CWE-79 CVE-2026-27233: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27226MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27226 [MEDIUM] CWE-79 CVE-2026-27226: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27239MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27239 [MEDIUM] CWE-79 CVE-2026-27239: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27256MEDIUMCVSS 5.4fixed in 6.5.24fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27256 [MEDIUM] CWE-79 CVE-2026-27256: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27236MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27236 [MEDIUM] CWE-79 CVE-2026-27236: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27244MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27244 [MEDIUM] CWE-79 CVE-2026-27244: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27254MEDIUMCVSS 5.4fixed in 6.5.24fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27254 [MEDIUM] CWE-79 CVE-2026-27254: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27247MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27247 [MEDIUM] CWE-79 CVE-2026-27247: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27234MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27234 [MEDIUM] CWE-79 CVE-2026-27234: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27265MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27265 [MEDIUM] CWE-79 CVE-2026-27265: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27252MEDIUMCVSS 5.4fixed in 6.5.24fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27252 [MEDIUM] CWE-79 CVE-2026-27252: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27266MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27266 [MEDIUM] CWE-79 CVE-2026-27266: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27249MEDIUMCVSS 5.4fixed in 6.5.24fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27249 [MEDIUM] CWE-79 CVE-2026-27249: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27225MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27225 [MEDIUM] CWE-79 CVE-2026-27225: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27255MEDIUMCVSS 5.4fixed in 6.5.24fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27255 [MEDIUM] CWE-79 CVE-2026-27255: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27229MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27229 [MEDIUM] CWE-79 CVE-2026-27229: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27250MEDIUMCVSS 5.4fixed in 6.5.24fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27250 [MEDIUM] CWE-79 CVE-2026-27250: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
CVE-2026-27241MEDIUMCVSS 5.4fixed in 6.5.24.0fixed in 2026.2.0+1 more2026-03-11
CVE-2026-27241 [MEDIUM] CWE-79 CVE-2026-27241: Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
nvd
1 / 55Next →