CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-46845 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46844 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46843 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46842 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46841 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46840 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.
CVSS: HIGH (8.7) EPSS Score: 0.06%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46838 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-46837 |
Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.
CVSS: HIGH (8.7) EPSS Score: 0.04%
June 10th, 2025 (10 days ago)
|
|
CVE-2025-4681 |
Description: Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Abuse.This issue affects upKeeper Instant Privilege Access: before 1.4.0.
CVSS: HIGH (8.6) EPSS Score: 0.02% SSVC Exploitation: none
June 10th, 2025 (10 days ago)
|
|
CVE-2025-4680 |
Description: Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects upKeeper Instant Privilege Access: before 1.4.0.
CVSS: HIGH (8.6) EPSS Score: 0.03% SSVC Exploitation: none
June 10th, 2025 (10 days ago)
|