CVE-2025-47116 – Adobe Experience Manager Stored XSS Vulnerability

June 10, 2025

CVE ID : CVE-2025-47116

Published : June 10, 2025, 11:15 p.m. | 2 hours, 34 minutes ago

Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47117 – Adobe Experience Manager Stored XSS Vulnerability

Next Article CVE-2025-5985 – Code-projects School Fees Payment System Remote Authentication Bypass Vulnerability

Highlights

CVE-2025-3466 – Langgenius Dify Arbitrary Code Execution Vulnerability

July 7, 2025

CVE ID : CVE-2025-3466

Published : July 7, 2025, 10:15 a.m. | 2 hours, 54 minutes ago

Description : langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictions are imposed. This can lead to unauthorized access to secret keys, internal network servers, and lateral movement within dify.ai. The issue is resolved in version 1.1.3.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-47116 – Adobe Experience Manager Stored XSS Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Microsoft announced a new Surface Pro and Surface Laptop as Nintendo’s legal team tried to gut Palworld and the Xbox gaming handheld leaked online

GoZen – minimalistic video editor

Slay in style with RTX 50-series DOOM: The Dark Ages PCs, laptops, and GPUs you could get free — act fast before the giveaways end

Understanding Input Selectivity in Mamba

CVE-2025-3466 – Langgenius Dify Arbitrary Code Execution Vulnerability

CVE-2025-52101 – Linjiashop JWT Authentication Access Control Bypass

Illicit crypto-miners pouncing on lazy DevOps configs that leave clouds vulnerable

CVE-2025-37988 – Apache Linux Kernel Mount Namespace Locking races

CVE-2025-47116 – Adobe Experience Manager Stored XSS Vulnerability

Related Posts