CVE-2025-46895

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.22 and earlier

Description A stored Cross-Site Scripting (XSS) issue affects the software, allowing an attacker with limited privileges to inject malicious scripts into vulnerable form fields. This could result in malicious JavaScript being executed in a victim's browser when they access the page containing the vulnerable field.

Recommendations For Adobe Experience Manager versions 6.5.22 and earlier, update to a version that contains a fix for this issue to prevent malicious script injection. As a temporary workaround, consider restricting access to vulnerable form fields until a patch is available.