CVE-2025-47096
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-06-10

Last updated on: 2025-07-15

Assigner: Adobe Systems Incorporated

Description
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass, allowing a low impact to the integrity of the component. Exploitation of this issue requires user interaction in that a victim must interact with the malicious content. Low privileges are required.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-10
Last Modified
2025-07-15
Generated
2026-05-07
AI Q&A
2025-06-11
EPSS Evaluated
2026-05-05
NVD
CVE-2025-47096
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
adobe experience_manager to 6.5.23.0 (exc)
adobe experience_manager to 2025.5.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Adobe Experience Manager versions 6.5.22 and earlier is an Improper Input Validation issue that could allow an attacker to execute arbitrary code with the privileges of the current user. Exploitation requires the victim to interact by opening a malicious file, and only low privileges are needed to carry out the attack.


How can this vulnerability impact me? :

If exploited, this vulnerability could allow an attacker to run arbitrary code on your system with the same privileges as the current user, potentially leading to unauthorized actions or compromise of your environment. However, exploitation requires user interaction and low privileges.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart