Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-47939
5.4MEDIUM
What is CVE-2026-47939?
Adobe Experience Manager versions 6.5.24, LTS SP1, and 2026.04 and earlier are susceptible to a stored Cross-Site Scripting (XSS) vulnerability. This flaw allows low-privileged attackers to inject harmful scripts into vulnerable form fields. When users interact with affected pages, malicious JavaScript may execute within their browsers, posing significant security risks, including data theft and session hijacking. Proper remediation is essential to protect user data and maintain application integrity.
Affected Version(s)
Adobe Experience Manager 0 <= 2026.04