CVE-2025-46968 in Experience Managerinfo

Summary

by MITRE • 06/11/2025

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 06/13/2025

Adobe Experience Manager represents a comprehensive web content management platform widely deployed across enterprise environments for digital experience management. The platform serves as a central hub for content creation, management, and delivery, making it a prime target for attackers seeking to compromise user sessions and access sensitive organizational data. Given its role in hosting dynamic web applications and user-generated content, vulnerabilities within AEM can have cascading effects across entire digital ecosystems.

The stored cross-site scripting vulnerability identified in CVE-2025-46968 resides within the form processing functionality of Adobe Experience Manager versions 6.5.22 and earlier. This flaw specifically affects how the system handles user input in form fields, failing to properly sanitize or escape potentially malicious content before storing and rendering it within the application interface. The vulnerability manifests when low privileged users can submit content containing malicious javascript code through form fields that are subsequently displayed to other users without adequate input validation. This represents a classic stored XSS vector where the malicious payload persists in the application's database or storage layer and executes automatically when other users access the affected content.

The operational impact of this vulnerability extends beyond simple script execution, as it provides attackers with a foothold for more sophisticated attacks within the targeted environment. When victims browse to pages containing the vulnerable form fields, their browsers execute the injected javascript code, potentially leading to session hijacking, credential theft, or redirection to malicious sites. The low privilege requirement for exploitation means that even users with minimal access rights can leverage this vulnerability to compromise other users within the same system. This aligns with CWE-79 which classifies cross-site scripting flaws as a fundamental web application security weakness, and the attack pattern maps to ATT&CK technique T1531 which involves creating or modifying system processes to gain persistence or escalate privileges.

Organizations utilizing affected Adobe Experience Manager versions face significant risk exposure given the nature of stored XSS vulnerabilities. The persistent nature of the flaw means that successful exploitation can affect multiple users over extended periods, potentially allowing attackers to establish long-term presence within the target environment. The vulnerability's impact is amplified by the typical administrative and content management roles that utilize AEM platforms, potentially providing attackers with access to sensitive organizational content, user credentials, or system configurations. Security teams must consider both immediate patching strategies and monitoring for potential exploitation attempts, while also implementing additional defensive measures such as content security policies and web application firewalls to mitigate the risk of successful exploitation.

Responsible

Adobe

Reservation

04/30/2025

Disclosure

06/11/2025

Moderation

accepted

CPE

ready

EPSS

0.00275

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!