Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-27244
5.4MEDIUM
What is CVE-2026-27244?
Adobe Experience Manager versions 6.5.23 and earlier are susceptible to a stored Cross-Site Scripting (XSS) vulnerability. This flaw enables low-privileged attackers to inject malicious JavaScript into vulnerable form fields. When users interact with a page containing the compromised field, they may unknowingly execute the injected scripts in their browsers, potentially leading to unauthorized access or data manipulation.
Affected Version(s)
Adobe Experience Manager 0 <= 6.5.23