Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2025-64600
5.4MEDIUM
What is CVE-2025-64600?
Adobe Experience Manager versions 6.5.23 and earlier are susceptible to a stored Cross-Site Scripting vulnerability. This issue allows low privileged attackers to inject harmful scripts into susceptible form fields. When users access a page containing these compromised fields, malicious JavaScript can be executed in their browsers, potentially leading to unauthorized actions and data exposure.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23