CNNVD-202512-1900 Information

Dec 10, 2025 cve

CNNVD ID

CNNVD-202512-1900

CVE-2025-64591

  • CNNVD Published: 2025-12-10

Description (Chinese)

Adobe Experience Manager(AEM)是美国奥多比(Adobe)公司的一套可用于构建网站、移动应用程序和表单的内容管理解决方案。该方案支持移动内容管理、营销销售活动管理和多站点管理等。 Adobe Experience Manager 6.5.23及之前版本存在跨站脚本漏洞,该漏洞源于表单字段存在存储型跨站脚本漏洞,可能导致恶意脚本执行。

Description (English)

Adobe Exchange Manager (AEM) is a set of content management solutions for the construction of websites, mobile applications and forms from Adobe in the United States. The programme supports mobile content management, marketing activities management and multi-site management. There is a cross-site script loophole in Adobe Exchange Manager 6.5.23 and earlier versions, which stems from the storage-type cross-site script gap in the table field, which may lead to malicious script execution.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

奥多比

Published

2025-12-10

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/experience-manager/apsb25-115.html

Patch

https://helpx.adobe.com/security/products/experience-manager/apsb25-115.html

Share on: