Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Forms
CVE-2026-34694
4.8MEDIUM
What is CVE-2026-34694?
Adobe Experience Manager Forms JEE versions LTS SP1 and 6.5.24.0, along with earlier versions, are susceptible to a stored Cross-Site Scripting vulnerability. This security issue allows high-privileged attackers to inject malicious JavaScript into vulnerable form fields. When users access a page containing the compromised field, the injected scripts can execute in their browsers, potentially leading to harmful consequences. It is crucial for users to apply the necessary updates and patches to prevent exploitation by malicious actors.
Affected Version(s)
Adobe Experience Manager Forms JEE 0 <= 6.5.24.0