Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2025-46978
5.4MEDIUM
What is CVE-2025-46978?
Adobe Experience Manager versions 6.5.22 and earlier have a stored Cross-Site Scripting (XSS) vulnerability, allowing low privileged attackers to inject harmful scripts into vulnerable form fields. This could lead to the execution of malicious JavaScript in users' browsers when they access affected web pages, posing significant risks to both users and applications by compromising user data and session integrity.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.22