Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2025-47015
5.4MEDIUM
What is CVE-2025-47015?
Adobe Experience Manager versions 6.5.22 and earlier are susceptible to a stored Cross-Site Scripting vulnerability. This flaw allows attackers with low privileges to inject malicious JavaScript into various form fields within the application. Upon visiting a page that contains a compromised field, users may unknowingly execute harmful scripts in their browsers. This situation can lead to data theft, session hijacking, and further malicious exploitation within the affected Adobe Experience Manager environment.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.22