Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2025-64559
5.4MEDIUM
What is CVE-2025-64559?
Adobe Experience Manager versions up to 6.5.23 are susceptible to a stored Cross-Site Scripting (XSS) vulnerability. This flaw allows low-privileged attackers to inject malicious scripts into exposed form fields. When users access pages containing these vulnerable fields, the injected JavaScript executes within their browsers, posing significant risks including data theft, session hijacking, and compromised user experiences.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23