CVE-2025-47113 – Adobe Experience Manager Stored Cross-Site Scripting (XSS)

June 10, 2025

CVE ID : CVE-2025-47113

Published : June 10, 2025, 11:15 p.m. | 2 hours, 34 minutes ago

Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47115 – Adobe Experience Manager Stored Cross-Site Scripting (XSS)

Next Article CVE-2025-47102 – Adobe Experience Manager DOM-based Cross-Site Scripting (XSS)

Highlights

CVE-2025-47938 – TYPO3 Password Change Without Verification

May 20, 2025

CVE ID : CVE-2025-47938

Published : May 20, 2025, 2:15 p.m. | 34 minutes ago

Description : TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, the backend user management interface allows password changes without requiring the current password. When an administrator updates their own account or modifies other user accounts via the admin interface, the current password is not requested for verification. This behavior may lower the protection against unauthorized access in scenarios where an admin session is hijacked or left unattended, as it enables password changes without additional authentication. Users should update to TYPO3 version 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, or 13.4.12 LTS to fix the problem.

Severity: 3.8 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

6 registry tweaks every tech-savvy user must apply on Windows 11

Here’s why network infrastructure is vital to maximizing your company’s AI adoption

The AI video tool behind the most viral social trends right now

Got a new password manager? How to clean up the password mess you left in the cloud

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

6 registry tweaks every tech-savvy user must apply on Windows 11

6 registry tweaks every tech-savvy user must apply on Windows 11

Is Chrome Copying Edge? ‘Omnibox Tools’ Bring Edge-Style Address Bar Shortcuts

Windows 11 24H2’s new Start Menu auto-changes size based on screen resolution

CVE-2025-47113 – Adobe Experience Manager Stored Cross-Site Scripting (XSS)

Tenable Agent for Windows Vulnerability Let Attackers Login as Admin to Delete The System Files

Meta Invests $14.3 Billion in Scale AI, Recruits Founder Alexandr Wang for Superintelligence Lab

CVE-2024-49846 – Qualcomm MSM Modem Memory Corruption Vulnerability

NVIDIA Fixes High-Severity Vulnerability in TensorRT-LLM

“We’re here for the long haul.” Diablo manager confirms 10-year road map

Learn Vue.js in This Beginner’s Course

CVE-2025-47938 – TYPO3 Password Change Without Verification

Representative Line: Identifying the Representative

CVE-2025-4263 – PHPGurukul Online DJ Booking Management System SQL Injection Vulnerability

CVE-2025-49435 – Hasina77 Wp Easy Allopass CSRF Vulnerability

CVE-2025-47113 – Adobe Experience Manager Stored Cross-Site Scripting (XSS)

Related Posts