CVE-2025-47025 in Experience Managerinfo

Summary

by MITRE • 06/11/2025

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 06/16/2025

Adobe Experience Manager represents a comprehensive content management platform widely deployed across enterprise environments for digital experience management. The platform serves as a central hub for creating, managing, and delivering digital content across multiple channels. This particular vulnerability affects versions 6.5.22 and earlier, which constitute a significant portion of the installed base across organizations utilizing this platform for their digital presence management. The affected system components include form handling mechanisms and user input validation processes that are integral to the platform's content creation workflows.

The stored cross-site scripting vulnerability stems from insufficient input sanitization within the form processing pipeline. When users submit data through web forms within the Adobe Experience Manager interface, the system fails to properly validate and sanitize the input before storing it in the database. This allows malicious actors with low privilege access to inject malicious JavaScript code directly into form fields that are subsequently rendered to other users. The vulnerability specifically impacts the storage and rendering of user-supplied content, creating a persistent XSS vector that remains active until the malicious content is explicitly removed from the system.

The operational impact of this vulnerability extends beyond simple script execution, as it provides attackers with a persistent foothold within the application environment. Low privilege attackers can leverage this vulnerability to execute malicious code in the context of other users' browsers, potentially leading to session hijacking, credential theft, or data exfiltration. The stored nature of the vulnerability means that the malicious payload remains active even after the initial injection, creating a long-term threat vector that can affect multiple users over extended periods. This vulnerability particularly threatens organizations that rely heavily on user-generated content workflows, as it can compromise the integrity of the entire content management ecosystem.

Organizations should implement immediate mitigations including input validation enforcement, output encoding, and privilege escalation controls to prevent unauthorized users from injecting malicious content. The vulnerability aligns with CWE-79 which specifically addresses cross-site scripting flaws in input validation and output encoding. From an attack perspective, this vulnerability maps to ATT&CK technique T1531 which involves the use of malicious content to compromise systems. Security teams should also consider implementing web application firewalls, regular security assessments, and comprehensive user access controls to minimize the attack surface. The remediation process requires updating to patched versions of Adobe Experience Manager and conducting thorough security audits of all form-based input handling mechanisms within the platform.

Responsible

Adobe

Reservation

04/30/2025

Disclosure

06/11/2025

Moderation

accepted

CPE

ready

EPSS

0.00279

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!