June 25, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Apache Traffic Server DoS via Memory Exhaustion
June 19, 2025End-of-Life TP-Link Routers Become Gateway for Remote Attacks
June 19, 2025Apache Traffic Server DoS via Memory Exhaustion
June 19, 2025End-of-Life TP-Link Routers Become Gateway for Remote Attacks
June 19, 2025
Severity
Medium
Analysis Summary
CVE-2025-46917 CVSS:5.4
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2025-46995 CVSS:5.4
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2025-46901 CVSS:5.4
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2025-46917
CVE-2025-46995
CVE-2025-46901
Affected Vendors
- Adobe
Affected Products
- Adobe Experience Manager - 6.5.22
Remediation
Refer to the Adobe Security Advisory for patch, upgrade, or suggested workaround information.