Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-27241
5.4MEDIUM
What is CVE-2026-27241?
Adobe Experience Manager versions up to 6.5.23 are susceptible to a stored Cross-Site Scripting (XSS) flaw. This vulnerability allows low-privileged attackers to insert malicious scripts into vulnerable form fields. When users access affected pages, the embedded JavaScript can execute in their browsers, potentially leading to unauthorized actions or data exposure.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23