CWE-79

High likelihood

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

45,000 vulnerabilities with CWE-79
CVE-2025-64590 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64586 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64585 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64583 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64582 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64581 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64580 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64579 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64578 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64577 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64576 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64575 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64574 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64572 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64569 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64566 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64565 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64564 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64563 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64562 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64560 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - DOM-based Cross-Site Scripting
CVSS 5.4
CVE-2025-64559 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64558 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64557 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
CVE-2025-64556 MEDIUM
Adobe Experience Manager < 6.5.24.0 and < 2025.12.0 - Stored Cross-Site Scripting in Form Fields
CVSS 5.4
Details
Vulnerabilities 45,000
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits