Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-27236
5.4MEDIUM
What is CVE-2026-27236?
Adobe Experience Manager versions up to 6.5.23 are susceptible to a stored Cross-Site Scripting vulnerability, allowing low-privileged attackers to inject harmful scripts into vulnerable form fields. When a user accesses a page with these compromised fields, malicious JavaScript could execute in their browser, potentially leading to unauthorized actions or data exposure.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23