CVE-2025-64537

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.23 and earlier

Description Adobe Experience Manager is susceptible to a DOM-based Cross-Site Scripting (XSS) issue that could allow for arbitrary code execution. An attacker could leverage this to inject malicious scripts into a web page, which would then execute within the context of a user's browser. Successful exploitation could result in session takeover, compromising confidentiality and integrity. Exploitation requires a user to visit a specially crafted malicious page.

Recommendations Update Adobe Experience Manager to a version later than 6.5.23.