Adobe Experience Manager vulnerabilities

1,088 known vulnerabilities affecting adobe/experience_manager.

Total CVEs

1,088

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL11HIGH27MEDIUM1042LOW8

Vulnerabilities

Page 17 of 55

CVE-2025-46954MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46954 [MEDIUM] CWE-79 CVE-2025-46954: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47063MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47063 [MEDIUM] CWE-79 CVE-2025-47063: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46843MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46843 [MEDIUM] CWE-79 CVE-2025-46843: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46982MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46982 [MEDIUM] CWE-79 CVE-2025-46982: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46966MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46966 [MEDIUM] CWE-79 CVE-2025-46966: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46933MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46933 [MEDIUM] CWE-79 CVE-2025-46933: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47078MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47078 [MEDIUM] CWE-79 CVE-2025-47078: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46915MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46915 [MEDIUM] CWE-79 CVE-2025-46915: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46946MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46946 [MEDIUM] CWE-79 CVE-2025-46946: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46957MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46957 [MEDIUM] CWE-79 CVE-2025-46957: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46907MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46907 [MEDIUM] CWE-79 CVE-2025-46907: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46863MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46863 [MEDIUM] CWE-79 CVE-2025-46863: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47055MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47055 [MEDIUM] CWE-79 CVE-2025-47055: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46855MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46855 [MEDIUM] CWE-79 CVE-2025-46855: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46960MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46960 [MEDIUM] CWE-79 CVE-2025-46960: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46939MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46939 [MEDIUM] CWE-79 CVE-2025-46939: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47080MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47080 [MEDIUM] CWE-79 CVE-2025-47080: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-47021MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-47021 [MEDIUM] CWE-79 CVE-2025-47021: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46944MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46944 [MEDIUM] CWE-79 CVE-2025-46944: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

CVE-2025-46883MEDIUMCVSS 5.4fixed in 6.5.23.0fixed in 2025.5.02025-06-10

CVE-2025-46883 [MEDIUM] CWE-79 CVE-2025-46883: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting ( Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

nvd

← Previous17 / 55Next →