Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2025-64829
5.4MEDIUM
What is CVE-2025-64829?
Adobe Experience Manager versions 6.5.23 and earlier contain a stored Cross-Site Scripting (XSS) vulnerability that allows low privileged attackers to inject malicious scripts into vulnerable form fields. When users interact with these compromised fields, the injected JavaScript code can execute in their browsers, potentially leading to unauthorized actions or data theft.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23