CVE-2025-61797

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 11.6 and earlier

Description A stored Cross-Site Scripting (XSS) issue exists in Adobe Experience Manager. A low privileged attacker could inject malicious scripts into vulnerable form fields. Execution of malicious JavaScript may occur in a victim’s browser when they access a page containing the vulnerable field. Exploitation requires user interaction, specifically opening a malicious link.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.