Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-27237
5.4MEDIUM
What is CVE-2026-27237?
Adobe Experience Manager versions 6.5.23 and earlier are susceptible to a stored Cross-Site Scripting (XSS) vulnerability that could allow low-privileged attackers to inject malicious JavaScript into form fields. This could lead to execution of the script in the browsers of users who access the impacted pages, posing a significant risk to data security and user privacy.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23