CVE 5.4 MEDIUM

Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)_CVE-2025-46998

August 20, 2025 invoker category_cve
5.4 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Description

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Basic Information

ID CVE-2025-46998
Source adobe
Published Aug 20, 2025 at 16:44
Modified Aug 20, 2025 at 17:19

Affected Product

Vendor Adobe
Product Adobe Experience Manager
Affected Versions Adobe Adobe Experience Manager 0

CWE Classification

CWE-79

References

πŸ’­ Join the Security Discussion

πŸ”’ Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.