DOM-Based Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-48280
5.4MEDIUM
What is CVE-2026-48280?
Adobe Experience Manager is vulnerable to a DOM-based Cross-Site Scripting (XSS) issue that allows attackers to exploit the vulnerable versions by injecting malicious JavaScript code. This type of attack relies on user interaction, meaning that a victim must access a specially crafted webpage for the exploit to be successful. Once the malicious script is executed in the victim's browser context, it can lead to unauthorized actions or data exposure.
Affected Version(s)
Adobe Experience Manager 0 <= 2026.04