Adobe Experience Manager vulnerabilities

1,088 known vulnerabilities affecting adobe/experience_manager.

Total CVEs

1,088

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL11HIGH27MEDIUM1042LOW8

Vulnerabilities

Page 15 of 55

CVE-2025-47065MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47065 [MEDIUM] CWE-79 CVE-2025-47065: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47084MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47084 [MEDIUM] CWE-79 CVE-2025-47084: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47113MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47113 [MEDIUM] CWE-79 CVE-2025-47113: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46854MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46854 [MEDIUM] CWE-79 CVE-2025-46854: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47040MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47040 [MEDIUM] CWE-79 CVE-2025-47040: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46846MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46846 [MEDIUM] CWE-79 CVE-2025-46846: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47002MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47002 [MEDIUM] CWE-79 CVE-2025-47002: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46970MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46970 [MEDIUM] CWE-79 CVE-2025-46970: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46882MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46882 [MEDIUM] CWE-79 CVE-2025-46882: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47071MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47071 [MEDIUM] CWE-79 CVE-2025-47071: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46901MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46901 [MEDIUM] CWE-79 CVE-2025-46901: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46888MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46888 [MEDIUM] CWE-79 CVE-2025-46888: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47012MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47012 [MEDIUM] CWE-79 CVE-2025-47012: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46873MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46873 [MEDIUM] CWE-79 CVE-2025-46873: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47087MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47087 [MEDIUM] CWE-79 CVE-2025-47087: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46853MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46853 [MEDIUM] CWE-79 CVE-2025-46853: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46878MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46878 [MEDIUM] CWE-79 CVE-2025-46878: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46943MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46943 [MEDIUM] CWE-79 CVE-2025-46943: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46934MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46934 [MEDIUM] CWE-79 CVE-2025-46934: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46903MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46903 [MEDIUM] CWE-79 CVE-2025-46903: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous15 / 55Next →