CVE-2025-47096

Опубликовано: 10 июн. 2025

Источник: nvd

CVSS3: 3.5

EPSS Низкий

Описание

Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass, allowing a low impact to the integrity of the component. Exploitation of this issue requires user interaction in that a victim must interact with the malicious content. Low privileges are required.

Ссылки

https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*

Версия до 6.5.23.0 (исключая)

cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*

Версия до 2025.5.0 (исключая)

EPSS

Процентиль: 21%

0.00068

Низкий

3.5 Low

CVSS3

Дефекты

CWE-20

Связанные уязвимости

GHSA-q48v-v24m-9p7q

CVSS3: 3.5

github

8 месяцев назад

Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Low privileges are required.

BDU:2025-07216

CVSS3: 5.4

fstec