CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

44,995 vulnerabilities with CWE-79
CVE-2025-64613 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64612 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64611 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64609 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64607 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64606 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64605 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64604 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64603 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64602 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64601 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64600 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64599 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64598 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64597 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64596 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64594 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64593 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64592 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64591 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64590 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64586 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64585 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64583 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64582 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
Details
Vulnerabilities 44,995
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits