Adobe Experience Manager vulnerabilities

CVE-2025-46984 [MEDIUM] CWE-79 CVE-2025-46984: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46918 [MEDIUM] CWE-79 CVE-2025-46918: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46844 [MEDIUM] CWE-79 CVE-2025-46844: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-47074 [MEDIUM] CWE-79 CVE-2025-47074: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46879 [MEDIUM] CWE-79 CVE-2025-46879: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46891 [MEDIUM] CWE-79 CVE-2025-46891: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-47093 [MEDIUM] CWE-79 CVE-2025-47093: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46865 [MEDIUM] CWE-79 CVE-2025-46865: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46877 [MEDIUM] CWE-79 CVE-2025-46877: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-47052 [MEDIUM] CWE-79 CVE-2025-47052: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46850 [MEDIUM] CWE-79 CVE-2025-46850: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46986 [MEDIUM] CWE-79 CVE-2025-46986: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46949 [MEDIUM] CWE-79 CVE-2025-46949: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-47005 [MEDIUM] CWE-79 CVE-2025-47005: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46985 [MEDIUM] CWE-79 CVE-2025-46985: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46895 [MEDIUM] CWE-79 CVE-2025-46895: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46951 [MEDIUM] CWE-79 CVE-2025-46951: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46952 [MEDIUM] CWE-79 CVE-2025-46952: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2025-46874 [MEDIUM] CWE-79 CVE-2025-46874: Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scriptin Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE-2025-46988 [MEDIUM] CWE-79 CVE-2025-46988: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.