Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2025-54272
5.4MEDIUM
What is CVE-2025-54272?
Adobe Experience Manager versions 11.6 and earlier contain a stored Cross-Site Scripting vulnerability that enables attackers with low privileges to inject malicious scripts into vulnerable form fields. When users interact with affected fields, malicious JavaScript can run in their browsers, leading to potential exploitation. Successful attacks require user interaction, compelling victims to click on a harmful link. It is essential to address this vulnerability to safeguard user data and enhance overall platform security.
Affected Version(s)
Adobe Experience Manager 0 <= 11.6