CVE-2025-64539

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.23 and earlier

Description Adobe Experience Manager is susceptible to a DOM-based Cross-Site Scripting (XSS) issue, potentially allowing for arbitrary code execution. An attacker could inject malicious scripts into a web page, which would then execute within the context of a user's browser. Successful exploitation could lead to session takeover, compromising confidentiality and integrity. Exploitation requires a user to visit a specially crafted malicious page.

Recommendations Update Adobe Experience Manager to a version later than 6.5.23.