diff --git a/CVE-2025/CVE-2025-228xx/CVE-2025-22829.json b/CVE-2025/CVE-2025-228xx/CVE-2025-22829.json new file mode 100644 index 00000000000..6f1906c1b92 --- /dev/null +++ b/CVE-2025/CVE-2025-228xx/CVE-2025-22829.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2025-22829", + "sourceIdentifier": "security@apache.org", + "published": "2025-06-10T23:15:22.740", + "lastModified": "2025-06-10T23:15:22.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for any account in the environment and list their configurations.\n\nQuota plugin users using CloudStack 4.20.0.0 are recommended to upgrade to CloudStack version 4.20.1.0, which fixes this issue." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Amber", + "baseScore": 2.3, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NEGLIGIBLE", + "Automatable": "NO", + "Recovery": "USER", + "valueDensity": "DIFFUSE", + "vulnerabilityResponseEffort": "LOW", + "providerUrgency": "AMBER" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://cloudstack.staged.apache.org/blog/cve-advisories-4.19.3.0-4.20.1.0", + "source": "security@apache.org" + }, + { + "url": "https://lists.apache.org/thread/y3qnwn59t8qggtdohv7k7vw39bgb3d60", + "source": "security@apache.org" + }, + { + "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-19-3-0-and-4-20-1-0/", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26521.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26521.json new file mode 100644 index 00000000000..f6b2d46cd44 --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26521.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2025-26521", + "sourceIdentifier": "security@apache.org", + "published": "2025-06-10T23:15:23.840", + "lastModified": "2025-06-10T23:15:23.840", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the 'kubeadmin' user of the caller account are used to create the secret config in the CKS-based Kubernetes cluster. A member of the project who can access the CKS-based Kubernetes cluster, can also access the API key and secret key of the 'kubeadmin' user of the CKS cluster's creator's account. An attacker who's a member of the project can exploit this to impersonate and perform privileged actions that can result in complete compromise of the confidentiality, integrity, and availability of resources owned by the creator's account.\n\nCKS users are recommended to upgrade to version 4.19.3.0 or 4.20.1.0, which fixes this issue.Updating Existing Kubernetes Clusters in ProjectsA service account should be created for each project to provide limited access specifically for Kubernetes cluster providers and autoscaling. Follow the steps below to create a new service account, update the secret inside the cluster, and regenerate existing API and service keys:1. Create a New Service AccountCreate a new account using the role \"Project Kubernetes Service Role\" with the following details:\n\nAccount Name\nkubeadmin-\nFirst Name\nKubernetes\nLast Name\nService User\nAccount Type\n0 (Normal User)\nRole ID\n\n\n\n\n2. Add the Service Account to the ProjectAdd this account to the project where the Kubernetes cluster(s) are hosted.\n3. Generate API and Secret KeysGenerate API Key and Secret Key for the default user of this account.\n4. Update the CloudStack Secret in the Kubernetes ClusterCreate a temporary file `/tmp/cloud-config` with the following data:\n\u00a0\u00a0\u00a0api-url = \u00a0 \u00a0 # For example: /client/api\n\u00a0 api-key = \n\u00a0 secret-key = \n\u00a0 project-id = \n\n\n\n\nDelete the existing secret using kubectl and Kubernetes cluster config:\n\u00a0\u00a0\u00a0./kubectl --kubeconfig kube.conf -n kube-system delete secret cloudstack-secret\n\n\n\n\nCreate a new secret using kubectl and Kubernetes cluster config:\n\u00a0 \u00a0 ./kubectl --kubeconfig kube.conf -n kube-system create secret generic cloudstack-secret --from-file=/tmp/cloud-config\n\n\n\n\nRemove the temporary file:\n\u00a0 \u00a0 rm /tmp/cloud-config5. Regenerate API and Secret KeysRegenerate the API and secret keys for the original user account that was used to create the Kubernetes cluster." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://cloudstack.apache.org/blog/cve-advisories-4.19.3.0-4.20.1.0/", + "source": "security@apache.org" + }, + { + "url": "https://lists.apache.org/thread/y3qnwn59t8qggtdohv7k7vw39bgb3d60", + "source": "security@apache.org" + }, + { + "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-19-3-0-and-4-20-1-0/", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46837.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46837.json new file mode 100644 index 00000000000..99fde2491be --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46837.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46837", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.043", + "lastModified": "2025-06-10T23:15:24.043", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46838.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46838.json new file mode 100644 index 00000000000..17c88ced658 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46838.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46838", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.197", + "lastModified": "2025-06-10T23:15:24.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46840.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46840.json new file mode 100644 index 00000000000..afca1694a21 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46840.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46840", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.350", + "lastModified": "2025-06-10T23:15:24.350", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46841.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46841.json new file mode 100644 index 00000000000..599acf88cb2 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46841.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46841", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.507", + "lastModified": "2025-06-10T23:15:24.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46842.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46842.json new file mode 100644 index 00000000000..4843b6c2134 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46842.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46842", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.667", + "lastModified": "2025-06-10T23:15:24.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46843.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46843.json new file mode 100644 index 00000000000..53508b7364d --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46843.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46843", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.817", + "lastModified": "2025-06-10T23:15:24.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46844.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46844.json new file mode 100644 index 00000000000..d2e3bbd621e --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46844.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46844", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:24.967", + "lastModified": "2025-06-10T23:15:24.967", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46845.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46845.json new file mode 100644 index 00000000000..39a121bf028 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46845.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46845", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:25.120", + "lastModified": "2025-06-10T23:15:25.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46846.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46846.json new file mode 100644 index 00000000000..9ac2fea231f --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46846.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46846", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:25.273", + "lastModified": "2025-06-10T23:15:25.273", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46847.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46847.json new file mode 100644 index 00000000000..ba187ae0dba --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46847.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46847", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:25.423", + "lastModified": "2025-06-10T23:15:25.423", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46848.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46848.json new file mode 100644 index 00000000000..a342d4b7af3 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46848.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46848", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:25.580", + "lastModified": "2025-06-10T23:15:25.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46850.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46850.json new file mode 100644 index 00000000000..da97812cd65 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46850.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46850", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:25.733", + "lastModified": "2025-06-10T23:15:25.733", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46851.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46851.json new file mode 100644 index 00000000000..caa366b5656 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46851.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46851", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:25.897", + "lastModified": "2025-06-10T23:15:25.897", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46853.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46853.json new file mode 100644 index 00000000000..9a2bc80cd1f --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46853.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46853", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.053", + "lastModified": "2025-06-10T23:15:26.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46854.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46854.json new file mode 100644 index 00000000000..e7ffb5dfb42 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46854.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46854", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.210", + "lastModified": "2025-06-10T23:15:26.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46855.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46855.json new file mode 100644 index 00000000000..10f94caa2ed --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46855.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46855", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.367", + "lastModified": "2025-06-10T23:15:26.367", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46857.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46857.json new file mode 100644 index 00000000000..2f76fe5f51d --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46857.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46857", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.520", + "lastModified": "2025-06-10T23:15:26.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46858.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46858.json new file mode 100644 index 00000000000..fd96ab97c66 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46858.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46858", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.670", + "lastModified": "2025-06-10T23:15:26.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46859.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46859.json new file mode 100644 index 00000000000..40235e58efc --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46859.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46859", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.820", + "lastModified": "2025-06-10T23:15:26.820", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46860.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46860.json new file mode 100644 index 00000000000..12bab8a3178 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46860.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46860", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:26.973", + "lastModified": "2025-06-10T23:15:26.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46861.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46861.json new file mode 100644 index 00000000000..231f917d064 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46861.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46861", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:27.120", + "lastModified": "2025-06-10T23:15:27.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46862.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46862.json new file mode 100644 index 00000000000..e0e4e42988b --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46862.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46862", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:27.280", + "lastModified": "2025-06-10T23:15:27.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46863.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46863.json new file mode 100644 index 00000000000..09769997ad9 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46863.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46863", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:27.447", + "lastModified": "2025-06-10T23:15:27.447", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46864.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46864.json new file mode 100644 index 00000000000..f2afe859567 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46864.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46864", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:27.613", + "lastModified": "2025-06-10T23:15:27.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46865.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46865.json new file mode 100644 index 00000000000..18f6e021dc6 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46865.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46865", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:27.767", + "lastModified": "2025-06-10T23:15:27.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46866.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46866.json new file mode 100644 index 00000000000..ca287cac72b --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46866.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46866", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:27.913", + "lastModified": "2025-06-10T23:15:27.913", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46870.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46870.json new file mode 100644 index 00000000000..c0430565eef --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46870.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46870", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.080", + "lastModified": "2025-06-10T23:15:28.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46871.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46871.json new file mode 100644 index 00000000000..91ae8bc5008 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46871.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46871", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.237", + "lastModified": "2025-06-10T23:15:28.237", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46872.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46872.json new file mode 100644 index 00000000000..033061e134f --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46872.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46872", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.387", + "lastModified": "2025-06-10T23:15:28.387", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46873.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46873.json new file mode 100644 index 00000000000..970c3c04481 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46873.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46873", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.537", + "lastModified": "2025-06-10T23:15:28.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46874.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46874.json new file mode 100644 index 00000000000..1efce301af7 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46874.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46874", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.690", + "lastModified": "2025-06-10T23:15:28.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46875.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46875.json new file mode 100644 index 00000000000..443328cb1ca --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46875.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46875", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.843", + "lastModified": "2025-06-10T23:15:28.843", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46876.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46876.json new file mode 100644 index 00000000000..5335781c7c1 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46876.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46876", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:28.993", + "lastModified": "2025-06-10T23:15:28.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46877.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46877.json new file mode 100644 index 00000000000..abc576badc8 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46877.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46877", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:29.147", + "lastModified": "2025-06-10T23:15:29.147", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46878.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46878.json new file mode 100644 index 00000000000..9723878c779 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46878.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46878", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:29.310", + "lastModified": "2025-06-10T23:15:29.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46879.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46879.json new file mode 100644 index 00000000000..f44158ed95d --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46879.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46879", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:29.503", + "lastModified": "2025-06-10T23:15:29.503", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46880.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46880.json new file mode 100644 index 00000000000..0fa861623b1 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46880.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46880", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:29.660", + "lastModified": "2025-06-10T23:15:29.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46881.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46881.json new file mode 100644 index 00000000000..6dc736b4006 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46881.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46881", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:29.813", + "lastModified": "2025-06-10T23:15:29.813", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46882.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46882.json new file mode 100644 index 00000000000..c4b7b82610d --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46882.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46882", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:29.967", + "lastModified": "2025-06-10T23:15:29.967", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46883.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46883.json new file mode 100644 index 00000000000..2f6747665cd --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46883.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46883", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:30.120", + "lastModified": "2025-06-10T23:15:30.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46884.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46884.json new file mode 100644 index 00000000000..369b8adc4a7 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46884.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46884", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:30.280", + "lastModified": "2025-06-10T23:15:30.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46885.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46885.json new file mode 100644 index 00000000000..bfc54d40dc3 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46885.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46885", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:30.433", + "lastModified": "2025-06-10T23:15:30.433", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46886.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46886.json new file mode 100644 index 00000000000..d202600f603 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46886.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46886", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:30.603", + "lastModified": "2025-06-10T23:15:30.603", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46887.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46887.json new file mode 100644 index 00000000000..9e07694f197 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46887.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46887", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:30.763", + "lastModified": "2025-06-10T23:15:30.763", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46888.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46888.json new file mode 100644 index 00000000000..90c02f4432d --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46888.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46888", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:30.923", + "lastModified": "2025-06-10T23:15:30.923", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46889.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46889.json new file mode 100644 index 00000000000..97163663033 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46889.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46889", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.080", + "lastModified": "2025-06-10T23:15:31.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized elevated access. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46890.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46890.json new file mode 100644 index 00000000000..6055cdff8c3 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46890.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46890", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.233", + "lastModified": "2025-06-10T23:15:31.233", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46891.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46891.json new file mode 100644 index 00000000000..b5d4b9f1a2d --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46891.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46891", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.387", + "lastModified": "2025-06-10T23:15:31.387", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46892.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46892.json new file mode 100644 index 00000000000..eb2af7bf674 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46892.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46892", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.540", + "lastModified": "2025-06-10T23:15:31.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46893.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46893.json new file mode 100644 index 00000000000..a127612cf41 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46893.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46893", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.693", + "lastModified": "2025-06-10T23:15:31.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46894.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46894.json new file mode 100644 index 00000000000..303dca0ea7b --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46894.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46894", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.843", + "lastModified": "2025-06-10T23:15:31.843", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46895.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46895.json new file mode 100644 index 00000000000..a57a0e4e0c7 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46895.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46895", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:31.990", + "lastModified": "2025-06-10T23:15:31.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46898.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46898.json new file mode 100644 index 00000000000..e5886139334 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46898.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46898", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:32.143", + "lastModified": "2025-06-10T23:15:32.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-468xx/CVE-2025-46899.json b/CVE-2025/CVE-2025-468xx/CVE-2025-46899.json new file mode 100644 index 00000000000..d5b5482c0d2 --- /dev/null +++ b/CVE-2025/CVE-2025-468xx/CVE-2025-46899.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46899", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:32.303", + "lastModified": "2025-06-10T23:15:32.303", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46900.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46900.json new file mode 100644 index 00000000000..a49b6b18107 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46900.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46900", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:32.470", + "lastModified": "2025-06-10T23:15:32.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46901.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46901.json new file mode 100644 index 00000000000..b3c66fd8960 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46901.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46901", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:32.623", + "lastModified": "2025-06-10T23:15:32.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46902.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46902.json new file mode 100644 index 00000000000..85d5c5bf9ef --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46902.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46902", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:32.777", + "lastModified": "2025-06-10T23:15:32.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46903.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46903.json new file mode 100644 index 00000000000..2aaf3d87a23 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46903.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46903", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:32.927", + "lastModified": "2025-06-10T23:15:32.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46904.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46904.json new file mode 100644 index 00000000000..3d4ffe57fda --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46904.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46904", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.077", + "lastModified": "2025-06-10T23:15:33.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46905.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46905.json new file mode 100644 index 00000000000..e687e6f861d --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46905.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46905", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.227", + "lastModified": "2025-06-10T23:15:33.227", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46906.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46906.json new file mode 100644 index 00000000000..5d7dbe059a5 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46906.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46906", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.373", + "lastModified": "2025-06-10T23:15:33.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46907.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46907.json new file mode 100644 index 00000000000..f9654c0c97f --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46907.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46907", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.530", + "lastModified": "2025-06-10T23:15:33.530", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46908.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46908.json new file mode 100644 index 00000000000..a0e5a58aaac --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46908.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46908", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.680", + "lastModified": "2025-06-10T23:15:33.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46909.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46909.json new file mode 100644 index 00000000000..8948d13210f --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46909.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46909", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.830", + "lastModified": "2025-06-10T23:15:33.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46910.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46910.json new file mode 100644 index 00000000000..a85111defd5 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46910.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46910", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:33.977", + "lastModified": "2025-06-10T23:15:33.977", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46911.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46911.json new file mode 100644 index 00000000000..93ad58e04a7 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46911.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46911", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:34.127", + "lastModified": "2025-06-10T23:15:34.127", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46912.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46912.json new file mode 100644 index 00000000000..bb3c5d9c39a --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46912.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46912", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:34.273", + "lastModified": "2025-06-10T23:15:34.273", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46913.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46913.json new file mode 100644 index 00000000000..3bef9efe96b --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46913.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46913", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:34.423", + "lastModified": "2025-06-10T23:15:34.423", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46914.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46914.json new file mode 100644 index 00000000000..09206cc6c02 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46914.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46914", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:34.570", + "lastModified": "2025-06-10T23:15:34.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46915.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46915.json new file mode 100644 index 00000000000..f08f3148064 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46915.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46915", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:34.723", + "lastModified": "2025-06-10T23:15:34.723", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46916.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46916.json new file mode 100644 index 00000000000..d50010cf78a --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46916.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46916", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:34.877", + "lastModified": "2025-06-10T23:15:34.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46917.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46917.json new file mode 100644 index 00000000000..e1387f77968 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46917.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46917", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.037", + "lastModified": "2025-06-10T23:15:35.037", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46918.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46918.json new file mode 100644 index 00000000000..ed6496b1d8e --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46918.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46918", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.187", + "lastModified": "2025-06-10T23:15:35.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46919.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46919.json new file mode 100644 index 00000000000..b1da457b0a1 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46919.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46919", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.330", + "lastModified": "2025-06-10T23:15:35.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46920.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46920.json new file mode 100644 index 00000000000..7dc32aebbb0 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46920.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46920", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.483", + "lastModified": "2025-06-10T23:15:35.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46922.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46922.json new file mode 100644 index 00000000000..5a589675970 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46922.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46922", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.640", + "lastModified": "2025-06-10T23:15:35.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46923.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46923.json new file mode 100644 index 00000000000..47fd85de9c8 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46923.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46923", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.797", + "lastModified": "2025-06-10T23:15:35.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46924.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46924.json new file mode 100644 index 00000000000..34017d5d8fd --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46924.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46924", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:35.957", + "lastModified": "2025-06-10T23:15:35.957", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46926.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46926.json new file mode 100644 index 00000000000..982a9fd7733 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46926.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46926", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:36.103", + "lastModified": "2025-06-10T23:15:36.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46927.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46927.json new file mode 100644 index 00000000000..01fa95da6a2 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46927.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46927", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:36.260", + "lastModified": "2025-06-10T23:15:36.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46929.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46929.json new file mode 100644 index 00000000000..736aefefdc2 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46929.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46929", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:36.407", + "lastModified": "2025-06-10T23:15:36.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46930.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46930.json new file mode 100644 index 00000000000..860efe5fb03 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46930.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46930", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:36.553", + "lastModified": "2025-06-10T23:15:36.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46931.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46931.json new file mode 100644 index 00000000000..bae09c814b8 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46931.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46931", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:36.700", + "lastModified": "2025-06-10T23:15:36.700", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46933.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46933.json new file mode 100644 index 00000000000..7203641f1da --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46933.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46933", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:36.853", + "lastModified": "2025-06-10T23:15:36.853", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46934.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46934.json new file mode 100644 index 00000000000..95dd8ef501a --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46934.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46934", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.000", + "lastModified": "2025-06-10T23:15:37.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46935.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46935.json new file mode 100644 index 00000000000..ea90408b222 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46935.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46935", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.147", + "lastModified": "2025-06-10T23:15:37.147", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46939.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46939.json new file mode 100644 index 00000000000..be37c0cd1d0 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46939.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46939", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.300", + "lastModified": "2025-06-10T23:15:37.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46940.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46940.json new file mode 100644 index 00000000000..9abd458429f --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46940.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46940", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.450", + "lastModified": "2025-06-10T23:15:37.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46941.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46941.json new file mode 100644 index 00000000000..859c65742ad --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46941.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46941", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.597", + "lastModified": "2025-06-10T23:15:37.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46942.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46942.json new file mode 100644 index 00000000000..ff0788e598c --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46942.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46942", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.743", + "lastModified": "2025-06-10T23:15:37.743", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46943.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46943.json new file mode 100644 index 00000000000..75ca65bfdf6 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46943.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46943", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:37.890", + "lastModified": "2025-06-10T23:15:37.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46944.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46944.json new file mode 100644 index 00000000000..467f40acece --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46944.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46944", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.040", + "lastModified": "2025-06-10T23:15:38.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46945.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46945.json new file mode 100644 index 00000000000..4f73d397778 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46945.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46945", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.180", + "lastModified": "2025-06-10T23:15:38.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46946.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46946.json new file mode 100644 index 00000000000..1ba640bb35a --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46946.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46946", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.330", + "lastModified": "2025-06-10T23:15:38.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46947.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46947.json new file mode 100644 index 00000000000..a32fd54426f --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46947.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46947", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.477", + "lastModified": "2025-06-10T23:15:38.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46948.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46948.json new file mode 100644 index 00000000000..f2492afaa2c --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46948.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46948", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.623", + "lastModified": "2025-06-10T23:15:38.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46949.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46949.json new file mode 100644 index 00000000000..bae32414460 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46949.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46949", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.770", + "lastModified": "2025-06-10T23:15:38.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46950.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46950.json new file mode 100644 index 00000000000..6272d79fe18 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46950.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46950", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:38.920", + "lastModified": "2025-06-10T23:15:38.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46951.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46951.json new file mode 100644 index 00000000000..31ecda5b224 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46951.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46951", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:39.070", + "lastModified": "2025-06-10T23:15:39.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46952.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46952.json new file mode 100644 index 00000000000..4997fda6b34 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46952.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46952", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:39.223", + "lastModified": "2025-06-10T23:15:39.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46953.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46953.json new file mode 100644 index 00000000000..6b67553c3f1 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46953.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46953", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:39.377", + "lastModified": "2025-06-10T23:15:39.377", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46954.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46954.json new file mode 100644 index 00000000000..c0dd481de78 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46954.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46954", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:39.530", + "lastModified": "2025-06-10T23:15:39.530", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46955.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46955.json new file mode 100644 index 00000000000..a5e1112fdbd --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46955.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46955", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:39.707", + "lastModified": "2025-06-10T23:15:39.707", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46956.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46956.json new file mode 100644 index 00000000000..ad741db21c6 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46956.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46956", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:39.860", + "lastModified": "2025-06-10T23:15:39.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46957.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46957.json new file mode 100644 index 00000000000..37eb5f68505 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46957.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46957", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.007", + "lastModified": "2025-06-10T23:15:40.007", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46960.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46960.json new file mode 100644 index 00000000000..b96d74636e8 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46960.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46960", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.150", + "lastModified": "2025-06-10T23:15:40.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46963.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46963.json new file mode 100644 index 00000000000..2dfd16b00ae --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46963.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46963", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.300", + "lastModified": "2025-06-10T23:15:40.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46964.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46964.json new file mode 100644 index 00000000000..b50be4d8366 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46964.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46964", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.450", + "lastModified": "2025-06-10T23:15:40.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46965.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46965.json new file mode 100644 index 00000000000..3d594d788a6 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46965.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46965", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.597", + "lastModified": "2025-06-10T23:15:40.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46966.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46966.json new file mode 100644 index 00000000000..9e9b5c057eb --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46966.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46966", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.743", + "lastModified": "2025-06-10T23:15:40.743", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46967.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46967.json new file mode 100644 index 00000000000..dd52da1e08e --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46967.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46967", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:40.903", + "lastModified": "2025-06-10T23:15:40.903", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46968.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46968.json new file mode 100644 index 00000000000..8c2bfecf7cb --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46968.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46968", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.053", + "lastModified": "2025-06-10T23:15:41.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46970.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46970.json new file mode 100644 index 00000000000..5760bdd3384 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46970.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46970", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.203", + "lastModified": "2025-06-10T23:15:41.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46971.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46971.json new file mode 100644 index 00000000000..1a640f4f785 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46971.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46971", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.350", + "lastModified": "2025-06-10T23:15:41.350", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46972.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46972.json new file mode 100644 index 00000000000..122482f855f --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46972.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46972", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.497", + "lastModified": "2025-06-10T23:15:41.497", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46973.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46973.json new file mode 100644 index 00000000000..4e937000844 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46973.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46973", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.647", + "lastModified": "2025-06-10T23:15:41.647", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46974.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46974.json new file mode 100644 index 00000000000..1c803234c89 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46974.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46974", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.793", + "lastModified": "2025-06-10T23:15:41.793", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46975.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46975.json new file mode 100644 index 00000000000..d3c37ecab8b --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46975.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46975", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:41.943", + "lastModified": "2025-06-10T23:15:41.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46976.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46976.json new file mode 100644 index 00000000000..70a9fb944b2 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46976.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46976", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:42.103", + "lastModified": "2025-06-10T23:15:42.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46977.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46977.json new file mode 100644 index 00000000000..776cbfbeba4 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46977.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46977", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:42.267", + "lastModified": "2025-06-10T23:15:42.267", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46978.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46978.json new file mode 100644 index 00000000000..29961def805 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46978.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46978", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:42.447", + "lastModified": "2025-06-10T23:15:42.447", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46979.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46979.json new file mode 100644 index 00000000000..cf22852af87 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46979.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46979", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:42.597", + "lastModified": "2025-06-10T23:15:42.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46981.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46981.json new file mode 100644 index 00000000000..6ce937bc51a --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46981.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46981", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:42.743", + "lastModified": "2025-06-10T23:15:42.743", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46982.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46982.json new file mode 100644 index 00000000000..666b6a77c1a --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46982.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46982", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:42.890", + "lastModified": "2025-06-10T23:15:42.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46983.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46983.json new file mode 100644 index 00000000000..600dcfb0036 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46983.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46983", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.033", + "lastModified": "2025-06-10T23:15:43.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46984.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46984.json new file mode 100644 index 00000000000..fabebe4c5ee --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46984.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46984", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.183", + "lastModified": "2025-06-10T23:15:43.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46985.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46985.json new file mode 100644 index 00000000000..1ac2a75c9f3 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46985.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46985", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.333", + "lastModified": "2025-06-10T23:15:43.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46986.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46986.json new file mode 100644 index 00000000000..cde97010f28 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46986.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46986", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.477", + "lastModified": "2025-06-10T23:15:43.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46987.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46987.json new file mode 100644 index 00000000000..0a8b4a363a5 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46987.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46987", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.627", + "lastModified": "2025-06-10T23:15:43.627", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46988.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46988.json new file mode 100644 index 00000000000..33de9553211 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46988.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46988", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.773", + "lastModified": "2025-06-10T23:15:43.773", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46989.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46989.json new file mode 100644 index 00000000000..39318caa1f2 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46989.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46989", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:43.917", + "lastModified": "2025-06-10T23:15:43.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46990.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46990.json new file mode 100644 index 00000000000..87848ee4cf1 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46990.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46990", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.070", + "lastModified": "2025-06-10T23:15:44.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46991.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46991.json new file mode 100644 index 00000000000..2b3dbbe4cb3 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46991.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46991", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.220", + "lastModified": "2025-06-10T23:15:44.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46992.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46992.json new file mode 100644 index 00000000000..f5e49985d6c --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46992.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46992", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.367", + "lastModified": "2025-06-10T23:15:44.367", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46995.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46995.json new file mode 100644 index 00000000000..d2fab7e7f6b --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46995.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46995", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.520", + "lastModified": "2025-06-10T23:15:44.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46997.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46997.json new file mode 100644 index 00000000000..b914861bf98 --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46997.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46997", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.667", + "lastModified": "2025-06-10T23:15:44.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-469xx/CVE-2025-46999.json b/CVE-2025/CVE-2025-469xx/CVE-2025-46999.json new file mode 100644 index 00000000000..0b53241af9b --- /dev/null +++ b/CVE-2025/CVE-2025-469xx/CVE-2025-46999.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-46999", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.813", + "lastModified": "2025-06-10T23:15:44.813", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47000.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47000.json new file mode 100644 index 00000000000..5c783f52c05 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47000.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47000", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:44.960", + "lastModified": "2025-06-10T23:15:44.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47002.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47002.json new file mode 100644 index 00000000000..ea3af74c0f0 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47002.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47002", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:45.110", + "lastModified": "2025-06-10T23:15:45.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47003.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47003.json new file mode 100644 index 00000000000..38e54e77c70 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47003.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47003", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:45.263", + "lastModified": "2025-06-10T23:15:45.263", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47004.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47004.json new file mode 100644 index 00000000000..31a6c7ca04b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47004.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47004", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:45.407", + "lastModified": "2025-06-10T23:15:45.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47005.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47005.json new file mode 100644 index 00000000000..b4b5ef6d3fd --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47005.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47005", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:45.553", + "lastModified": "2025-06-10T23:15:45.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47006.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47006.json new file mode 100644 index 00000000000..87feb94de9b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47006.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47006", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:45.700", + "lastModified": "2025-06-10T23:15:45.700", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47007.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47007.json new file mode 100644 index 00000000000..098472b61f1 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47007.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47007", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:45.847", + "lastModified": "2025-06-10T23:15:45.847", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47008.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47008.json new file mode 100644 index 00000000000..8ffcee88194 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47008.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47008", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.003", + "lastModified": "2025-06-10T23:15:46.003", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47010.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47010.json new file mode 100644 index 00000000000..9f55a15bc40 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47010.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47010", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.153", + "lastModified": "2025-06-10T23:15:46.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47011.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47011.json new file mode 100644 index 00000000000..0fed75c6f41 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47011.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47011", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.300", + "lastModified": "2025-06-10T23:15:46.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47012.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47012.json new file mode 100644 index 00000000000..f1ccfea6263 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47012.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47012", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.447", + "lastModified": "2025-06-10T23:15:46.447", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47013.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47013.json new file mode 100644 index 00000000000..a0f08d7b740 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47013.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47013", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.593", + "lastModified": "2025-06-10T23:15:46.593", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47014.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47014.json new file mode 100644 index 00000000000..9d0d6e15b0c --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47014.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47014", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.733", + "lastModified": "2025-06-10T23:15:46.733", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47015.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47015.json new file mode 100644 index 00000000000..487171a4ef7 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47015.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47015", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:46.880", + "lastModified": "2025-06-10T23:15:46.880", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47016.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47016.json new file mode 100644 index 00000000000..65263406478 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47016.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47016", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.020", + "lastModified": "2025-06-10T23:15:47.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47017.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47017.json new file mode 100644 index 00000000000..c8585ef179c --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47017.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47017", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.170", + "lastModified": "2025-06-10T23:15:47.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47019.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47019.json new file mode 100644 index 00000000000..95d517d57a7 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47019.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47019", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.327", + "lastModified": "2025-06-10T23:15:47.327", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47020.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47020.json new file mode 100644 index 00000000000..d866f114b9b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47020.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47020", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.487", + "lastModified": "2025-06-10T23:15:47.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47021.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47021.json new file mode 100644 index 00000000000..410814c1e34 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47021.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47021", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.640", + "lastModified": "2025-06-10T23:15:47.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47022.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47022.json new file mode 100644 index 00000000000..3361ff21336 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47022.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47022", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.793", + "lastModified": "2025-06-10T23:15:47.793", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47025.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47025.json new file mode 100644 index 00000000000..6b5b6d13b38 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47025.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47025", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:47.943", + "lastModified": "2025-06-10T23:15:47.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47026.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47026.json new file mode 100644 index 00000000000..6141bcc09ed --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47026.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47026", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.097", + "lastModified": "2025-06-10T23:15:48.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47027.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47027.json new file mode 100644 index 00000000000..02a88fbf863 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47027.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47027", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.250", + "lastModified": "2025-06-10T23:15:48.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47029.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47029.json new file mode 100644 index 00000000000..5df1c9d9529 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47029.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47029", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.403", + "lastModified": "2025-06-10T23:15:48.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47030.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47030.json new file mode 100644 index 00000000000..5e9f106f7c2 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47030.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47030", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.550", + "lastModified": "2025-06-10T23:15:48.550", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47031.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47031.json new file mode 100644 index 00000000000..02b4eb9ce0b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47031.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47031", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.693", + "lastModified": "2025-06-10T23:15:48.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47032.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47032.json new file mode 100644 index 00000000000..00bf9bafc6d --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47032.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47032", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.840", + "lastModified": "2025-06-10T23:15:48.840", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47033.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47033.json new file mode 100644 index 00000000000..ee1fa5d0277 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47033.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47033", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:48.987", + "lastModified": "2025-06-10T23:15:48.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47034.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47034.json new file mode 100644 index 00000000000..2fe72feb2c8 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47034.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47034", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:49.130", + "lastModified": "2025-06-10T23:15:49.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47035.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47035.json new file mode 100644 index 00000000000..2e9d0f3ddff --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47035.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47035", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:49.280", + "lastModified": "2025-06-10T23:15:49.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47036.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47036.json new file mode 100644 index 00000000000..af78f69d65f --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47036.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47036", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:49.427", + "lastModified": "2025-06-10T23:15:49.427", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47037.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47037.json new file mode 100644 index 00000000000..3d7a9eaa627 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47037.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47037", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:49.573", + "lastModified": "2025-06-10T23:15:49.573", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47038.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47038.json new file mode 100644 index 00000000000..517895954af --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47038.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47038", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:49.730", + "lastModified": "2025-06-10T23:15:49.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47039.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47039.json new file mode 100644 index 00000000000..b2b2d9c360b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47039.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47039", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:49.907", + "lastModified": "2025-06-10T23:15:49.907", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47040.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47040.json new file mode 100644 index 00000000000..4bb37f76c2b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47040.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47040", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.060", + "lastModified": "2025-06-10T23:15:50.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47041.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47041.json new file mode 100644 index 00000000000..1ce84663258 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47041.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47041", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.203", + "lastModified": "2025-06-10T23:15:50.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47042.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47042.json new file mode 100644 index 00000000000..afa2560aab0 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47042.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47042", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.353", + "lastModified": "2025-06-10T23:15:50.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47044.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47044.json new file mode 100644 index 00000000000..677b97323fb --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47044.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47044", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.510", + "lastModified": "2025-06-10T23:15:50.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47045.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47045.json new file mode 100644 index 00000000000..6e9de341575 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47045.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47045", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.660", + "lastModified": "2025-06-10T23:15:50.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47047.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47047.json new file mode 100644 index 00000000000..d877a02427a --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47047.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47047", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.807", + "lastModified": "2025-06-10T23:15:50.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47048.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47048.json new file mode 100644 index 00000000000..51c732b0b71 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47048.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47048", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:50.950", + "lastModified": "2025-06-10T23:15:50.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47049.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47049.json new file mode 100644 index 00000000000..78aaac64139 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47049.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47049", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.107", + "lastModified": "2025-06-10T23:15:51.107", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47050.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47050.json new file mode 100644 index 00000000000..261425c7dba --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47050.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47050", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.257", + "lastModified": "2025-06-10T23:15:51.257", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47051.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47051.json new file mode 100644 index 00000000000..cd07fec8145 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47051.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47051", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.403", + "lastModified": "2025-06-10T23:15:51.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47052.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47052.json new file mode 100644 index 00000000000..dc1ce2b5dfe --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47052.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47052", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.553", + "lastModified": "2025-06-10T23:15:51.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47055.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47055.json new file mode 100644 index 00000000000..082ca3a8677 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47055.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47055", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.697", + "lastModified": "2025-06-10T23:15:51.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47056.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47056.json new file mode 100644 index 00000000000..ec0b2fc638b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47056.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47056", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.840", + "lastModified": "2025-06-10T23:15:51.840", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47057.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47057.json new file mode 100644 index 00000000000..b592ada5f37 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47057.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47057", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:51.987", + "lastModified": "2025-06-10T23:15:51.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47060.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47060.json new file mode 100644 index 00000000000..ef317cbbba5 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47060.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47060", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:52.133", + "lastModified": "2025-06-10T23:15:52.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47062.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47062.json new file mode 100644 index 00000000000..f0aaca507af --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47062.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47062", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:52.287", + "lastModified": "2025-06-10T23:15:52.287", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47063.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47063.json new file mode 100644 index 00000000000..1b3fcaae7db --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47063.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47063", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:52.453", + "lastModified": "2025-06-10T23:15:52.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47065.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47065.json new file mode 100644 index 00000000000..db67fd20429 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47065.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47065", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:52.610", + "lastModified": "2025-06-10T23:15:52.610", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47066.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47066.json new file mode 100644 index 00000000000..443f98023cd --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47066.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47066", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:52.760", + "lastModified": "2025-06-10T23:15:52.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47067.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47067.json new file mode 100644 index 00000000000..933d21095a8 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47067.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47067", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:52.907", + "lastModified": "2025-06-10T23:15:52.907", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47068.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47068.json new file mode 100644 index 00000000000..201386b410b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47068.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47068", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.053", + "lastModified": "2025-06-10T23:15:53.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47069.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47069.json new file mode 100644 index 00000000000..136c4a2b42a --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47069.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47069", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.210", + "lastModified": "2025-06-10T23:15:53.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47070.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47070.json new file mode 100644 index 00000000000..7e50401aee9 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47070.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47070", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.360", + "lastModified": "2025-06-10T23:15:53.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47071.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47071.json new file mode 100644 index 00000000000..2c7b1c5cba4 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47071.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47071", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.510", + "lastModified": "2025-06-10T23:15:53.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47072.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47072.json new file mode 100644 index 00000000000..4630dd39f3f --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47072.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47072", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.667", + "lastModified": "2025-06-10T23:15:53.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47073.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47073.json new file mode 100644 index 00000000000..347732901ca --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47073.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47073", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.813", + "lastModified": "2025-06-10T23:15:53.813", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47074.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47074.json new file mode 100644 index 00000000000..96710e24460 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47074.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47074", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:53.960", + "lastModified": "2025-06-10T23:15:53.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47075.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47075.json new file mode 100644 index 00000000000..49be932b2fc --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47075.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47075", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.103", + "lastModified": "2025-06-10T23:15:54.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47076.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47076.json new file mode 100644 index 00000000000..3620eeebf0c --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47076.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47076", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.250", + "lastModified": "2025-06-10T23:15:54.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47077.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47077.json new file mode 100644 index 00000000000..86258f31630 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47077.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47077", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.397", + "lastModified": "2025-06-10T23:15:54.397", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47078.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47078.json new file mode 100644 index 00000000000..31bf9d7349d --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47078.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47078", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.547", + "lastModified": "2025-06-10T23:15:54.547", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47079.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47079.json new file mode 100644 index 00000000000..dea63c08862 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47079.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47079", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.690", + "lastModified": "2025-06-10T23:15:54.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47080.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47080.json new file mode 100644 index 00000000000..ca97703ab6b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47080.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47080", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.830", + "lastModified": "2025-06-10T23:15:54.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47081.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47081.json new file mode 100644 index 00000000000..e4d63b4fe3a --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47081.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47081", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:54.980", + "lastModified": "2025-06-10T23:15:54.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47082.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47082.json new file mode 100644 index 00000000000..05ee8329a86 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47082.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47082", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:55.123", + "lastModified": "2025-06-10T23:15:55.123", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47083.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47083.json new file mode 100644 index 00000000000..490d7a5d689 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47083.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47083", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:55.277", + "lastModified": "2025-06-10T23:15:55.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47084.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47084.json new file mode 100644 index 00000000000..c6754de92ab --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47084.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47084", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:55.430", + "lastModified": "2025-06-10T23:15:55.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47085.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47085.json new file mode 100644 index 00000000000..5c81bf1d14c --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47085.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47085", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:55.577", + "lastModified": "2025-06-10T23:15:55.577", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47086.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47086.json new file mode 100644 index 00000000000..f53facdc89c --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47086.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47086", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:55.727", + "lastModified": "2025-06-10T23:15:55.727", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47087.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47087.json new file mode 100644 index 00000000000..640cc7d6bd2 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47087.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47087", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:55.873", + "lastModified": "2025-06-10T23:15:55.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47088.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47088.json new file mode 100644 index 00000000000..7dd11343a60 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47088.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47088", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.027", + "lastModified": "2025-06-10T23:15:56.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47089.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47089.json new file mode 100644 index 00000000000..5b258996260 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47089.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47089", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.193", + "lastModified": "2025-06-10T23:15:56.193", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47090.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47090.json new file mode 100644 index 00000000000..bd1e77555d6 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47090.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47090", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.350", + "lastModified": "2025-06-10T23:15:56.350", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47091.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47091.json new file mode 100644 index 00000000000..924616c8b3a --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47091.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47091", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.500", + "lastModified": "2025-06-10T23:15:56.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47092.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47092.json new file mode 100644 index 00000000000..97fb2076a4b --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47092.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47092", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.647", + "lastModified": "2025-06-10T23:15:56.647", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47093.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47093.json new file mode 100644 index 00000000000..854ebfb774d --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47093.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47093", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.793", + "lastModified": "2025-06-10T23:15:56.793", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47094.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47094.json new file mode 100644 index 00000000000..57a273b212d --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47094.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47094", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:56.947", + "lastModified": "2025-06-10T23:15:56.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47095.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47095.json new file mode 100644 index 00000000000..f09eaf1fb12 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47095.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47095", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:57.097", + "lastModified": "2025-06-10T23:15:57.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.1, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-470xx/CVE-2025-47096.json b/CVE-2025/CVE-2025-470xx/CVE-2025-47096.json new file mode 100644 index 00000000000..7939ebcb861 --- /dev/null +++ b/CVE-2025/CVE-2025-470xx/CVE-2025-47096.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47096", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:57.247", + "lastModified": "2025-06-10T23:15:57.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Low privileges are required." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-471xx/CVE-2025-47102.json b/CVE-2025/CVE-2025-471xx/CVE-2025-47102.json new file mode 100644 index 00000000000..224119bf523 --- /dev/null +++ b/CVE-2025/CVE-2025-471xx/CVE-2025-47102.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47102", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:57.423", + "lastModified": "2025-06-10T23:15:57.423", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-471xx/CVE-2025-47113.json b/CVE-2025/CVE-2025-471xx/CVE-2025-47113.json new file mode 100644 index 00000000000..5894423ad91 --- /dev/null +++ b/CVE-2025/CVE-2025-471xx/CVE-2025-47113.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47113", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:57.583", + "lastModified": "2025-06-10T23:15:57.583", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-471xx/CVE-2025-47114.json b/CVE-2025/CVE-2025-471xx/CVE-2025-47114.json new file mode 100644 index 00000000000..53d12fa7831 --- /dev/null +++ b/CVE-2025/CVE-2025-471xx/CVE-2025-47114.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47114", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:57.730", + "lastModified": "2025-06-10T23:15:57.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-471xx/CVE-2025-47115.json b/CVE-2025/CVE-2025-471xx/CVE-2025-47115.json new file mode 100644 index 00000000000..8b1f5ff8d0e --- /dev/null +++ b/CVE-2025/CVE-2025-471xx/CVE-2025-47115.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47115", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:57.877", + "lastModified": "2025-06-10T23:15:57.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-471xx/CVE-2025-47116.json b/CVE-2025/CVE-2025-471xx/CVE-2025-47116.json new file mode 100644 index 00000000000..c8db1c81467 --- /dev/null +++ b/CVE-2025/CVE-2025-471xx/CVE-2025-47116.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47116", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:58.023", + "lastModified": "2025-06-10T23:15:58.023", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-471xx/CVE-2025-47117.json b/CVE-2025/CVE-2025-471xx/CVE-2025-47117.json new file mode 100644 index 00000000000..5575c7522d6 --- /dev/null +++ b/CVE-2025/CVE-2025-471xx/CVE-2025-47117.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47117", + "sourceIdentifier": "psirt@adobe.com", + "published": "2025-06-10T23:15:58.173", + "lastModified": "2025-06-10T23:15:58.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-477xx/CVE-2025-47713.json b/CVE-2025/CVE-2025-477xx/CVE-2025-47713.json new file mode 100644 index 00000000000..cbacef3acf3 --- /dev/null +++ b/CVE-2025/CVE-2025-477xx/CVE-2025-47713.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2025-47713", + "sourceIdentifier": "security@apache.org", + "published": "2025-06-10T23:15:58.320", + "lastModified": "2025-06-10T23:15:58.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume control over higher-privileged user-accounts.\u00a0A malicious Domain Admin attacker can impersonate an Admin user-account and gain access to sensitive APIs and resources that\u00a0could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of infrastructure managed by CloudStack.\n\n\n\nUsers are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0, which fixes the issue with the following:\n * Strict validation on Role Type hierarchy: the caller's user-account role must be equal to or higher than the target user-account's role.\n * API privilege comparison: the caller must possess all privileges of the user they are operating on. \n * Two new domain-level settings (restricted to the default Admin): \n\u2003- role.types.allowed.for.operations.on.accounts.of.same.role.type: Defines which role types are allowed to act on users of the same role type. Default: \"Admin, DomainAdmin, ResourceAdmin\". \n\u00a0 \u00a0- allow.operations.on.users.in.same.account: Allows/disallows user operations within the same account. Default: true." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://cloudstack.apache.org/blog/cve-advisories-4.19.3.0-4.20.1.0/", + "source": "security@apache.org" + }, + { + "url": "https://lists.apache.org/thread/y3qnwn59t8qggtdohv7k7vw39bgb3d60", + "source": "security@apache.org" + }, + { + "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-19-3-0-and-4-20-1-0/", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-478xx/CVE-2025-47849.json b/CVE-2025/CVE-2025-478xx/CVE-2025-47849.json new file mode 100644 index 00000000000..99b89d82c17 --- /dev/null +++ b/CVE-2025/CVE-2025-478xx/CVE-2025-47849.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2025-47849", + "sourceIdentifier": "security@apache.org", + "published": "2025-06-10T23:15:58.453", + "lastModified": "2025-06-10T23:15:58.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and allows the attacker to assume control over higher-privileged user-accounts. A malicious Domain Admin attacker can impersonate an Admin user-account and gain access to sensitive APIs and resources that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of infrastructure managed by CloudStack.\n\nUsers are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0, which fixes the issue with the following:\n\n\n * Strict validation on Role Type hierarchy: the caller's role must be equal to or higher than the target user's role.\u00a0\n * API privilege comparison: the caller must possess all privileges of the user they are operating on.\u00a0\n * Two new domain-level settings (restricted to the default admin):\u00a0\n\u2003- role.types.allowed.for.operations.on.accounts.of.same.role.type: Defines which role types are allowed to act on users of the same role type. Default: \"Admin, DomainAdmin, ResourceAdmin\".\u00a0\n\u2003- allow.operations.on.users.in.same.account: Allows/disallows user operations within the same account. Default: true." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://cloudstack.apache.org/blog/cve-advisories-4.19.3.0-4.20.1.0/", + "source": "security@apache.org" + }, + { + "url": "https://lists.apache.org/thread/y3qnwn59t8qggtdohv7k7vw39bgb3d60", + "source": "security@apache.org" + }, + { + "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-19-3-0-and-4-20-1-0/", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5984.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5984.json new file mode 100644 index 00000000000..ba0b546cf9b --- /dev/null +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5984.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5984", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-10T23:15:58.583", + "lastModified": "2025-06-10T23:15:58.583", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in SourceCodester Online Student Clearance System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/add-fee.php. The manipulation of the argument txtamt leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.311899", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311899", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.592554", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5985.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5985.json new file mode 100644 index 00000000000..f6049032902 --- /dev/null +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5985.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5985", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-10T23:15:58.770", + "lastModified": "2025-06-10T23:15:58.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/tuooo/CVE/issues/13", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311900", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311900", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.592612", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index d126b4f5352..727e9cd81c7 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-10T22:00:20.519098+00:00 +2025-06-10T23:55:19.688999+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-10T21:15:23.150000+00:00 +2025-06-10T23:15:58.770000+00:00 ``` ### Last Data Feed Release @@ -33,42 +33,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -297445 +297677 ``` ### CVEs added in the last Commit -Recently added CVEs: `15` +Recently added CVEs: `232` -- [CVE-2024-41502](CVE-2024/CVE-2024-415xx/CVE-2024-41502.json) (`2025-06-10T20:15:21.470`) -- [CVE-2024-41503](CVE-2024/CVE-2024-415xx/CVE-2024-41503.json) (`2025-06-10T20:15:21.610`) -- [CVE-2024-41504](CVE-2024/CVE-2024-415xx/CVE-2024-41504.json) (`2025-06-10T20:15:21.733`) -- [CVE-2024-41505](CVE-2024/CVE-2024-415xx/CVE-2024-41505.json) (`2025-06-10T20:15:21.850`) -- [CVE-2025-3052](CVE-2025/CVE-2025-30xx/CVE-2025-3052.json) (`2025-06-10T20:15:23.037`) -- [CVE-2025-35940](CVE-2025/CVE-2025-359xx/CVE-2025-35940.json) (`2025-06-10T21:15:22.210`) -- [CVE-2025-36852](CVE-2025/CVE-2025-368xx/CVE-2025-36852.json) (`2025-06-10T20:15:22.877`) -- [CVE-2025-49133](CVE-2025/CVE-2025-491xx/CVE-2025-49133.json) (`2025-06-10T20:15:24.337`) -- [CVE-2025-5974](CVE-2025/CVE-2025-59xx/CVE-2025-5974.json) (`2025-06-10T20:15:24.923`) -- [CVE-2025-5975](CVE-2025/CVE-2025-59xx/CVE-2025-5975.json) (`2025-06-10T20:15:25.117`) -- [CVE-2025-5976](CVE-2025/CVE-2025-59xx/CVE-2025-5976.json) (`2025-06-10T20:15:25.297`) -- [CVE-2025-5977](CVE-2025/CVE-2025-59xx/CVE-2025-5977.json) (`2025-06-10T20:15:25.480`) -- [CVE-2025-5978](CVE-2025/CVE-2025-59xx/CVE-2025-5978.json) (`2025-06-10T21:15:22.793`) -- [CVE-2025-5979](CVE-2025/CVE-2025-59xx/CVE-2025-5979.json) (`2025-06-10T21:15:22.970`) -- [CVE-2025-5980](CVE-2025/CVE-2025-59xx/CVE-2025-5980.json) (`2025-06-10T21:15:23.150`) +- [CVE-2025-47082](CVE-2025/CVE-2025-470xx/CVE-2025-47082.json) (`2025-06-10T23:15:55.123`) +- [CVE-2025-47083](CVE-2025/CVE-2025-470xx/CVE-2025-47083.json) (`2025-06-10T23:15:55.277`) +- [CVE-2025-47084](CVE-2025/CVE-2025-470xx/CVE-2025-47084.json) (`2025-06-10T23:15:55.430`) +- [CVE-2025-47085](CVE-2025/CVE-2025-470xx/CVE-2025-47085.json) (`2025-06-10T23:15:55.577`) +- [CVE-2025-47086](CVE-2025/CVE-2025-470xx/CVE-2025-47086.json) (`2025-06-10T23:15:55.727`) +- [CVE-2025-47087](CVE-2025/CVE-2025-470xx/CVE-2025-47087.json) (`2025-06-10T23:15:55.873`) +- [CVE-2025-47088](CVE-2025/CVE-2025-470xx/CVE-2025-47088.json) (`2025-06-10T23:15:56.027`) +- [CVE-2025-47089](CVE-2025/CVE-2025-470xx/CVE-2025-47089.json) (`2025-06-10T23:15:56.193`) +- [CVE-2025-47090](CVE-2025/CVE-2025-470xx/CVE-2025-47090.json) (`2025-06-10T23:15:56.350`) +- [CVE-2025-47091](CVE-2025/CVE-2025-470xx/CVE-2025-47091.json) (`2025-06-10T23:15:56.500`) +- [CVE-2025-47092](CVE-2025/CVE-2025-470xx/CVE-2025-47092.json) (`2025-06-10T23:15:56.647`) +- [CVE-2025-47093](CVE-2025/CVE-2025-470xx/CVE-2025-47093.json) (`2025-06-10T23:15:56.793`) +- [CVE-2025-47094](CVE-2025/CVE-2025-470xx/CVE-2025-47094.json) (`2025-06-10T23:15:56.947`) +- [CVE-2025-47095](CVE-2025/CVE-2025-470xx/CVE-2025-47095.json) (`2025-06-10T23:15:57.097`) +- [CVE-2025-47096](CVE-2025/CVE-2025-470xx/CVE-2025-47096.json) (`2025-06-10T23:15:57.247`) +- [CVE-2025-47102](CVE-2025/CVE-2025-471xx/CVE-2025-47102.json) (`2025-06-10T23:15:57.423`) +- [CVE-2025-47113](CVE-2025/CVE-2025-471xx/CVE-2025-47113.json) (`2025-06-10T23:15:57.583`) +- [CVE-2025-47114](CVE-2025/CVE-2025-471xx/CVE-2025-47114.json) (`2025-06-10T23:15:57.730`) +- [CVE-2025-47115](CVE-2025/CVE-2025-471xx/CVE-2025-47115.json) (`2025-06-10T23:15:57.877`) +- [CVE-2025-47116](CVE-2025/CVE-2025-471xx/CVE-2025-47116.json) (`2025-06-10T23:15:58.023`) +- [CVE-2025-47117](CVE-2025/CVE-2025-471xx/CVE-2025-47117.json) (`2025-06-10T23:15:58.173`) +- [CVE-2025-47713](CVE-2025/CVE-2025-477xx/CVE-2025-47713.json) (`2025-06-10T23:15:58.320`) +- [CVE-2025-47849](CVE-2025/CVE-2025-478xx/CVE-2025-47849.json) (`2025-06-10T23:15:58.453`) +- [CVE-2025-5984](CVE-2025/CVE-2025-59xx/CVE-2025-5984.json) (`2025-06-10T23:15:58.583`) +- [CVE-2025-5985](CVE-2025/CVE-2025-59xx/CVE-2025-5985.json) (`2025-06-10T23:15:58.770`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `0` -- [CVE-2022-43855](CVE-2022/CVE-2022-438xx/CVE-2022-43855.json) (`2025-06-10T20:15:21.210`) -- [CVE-2024-3931](CVE-2024/CVE-2024-39xx/CVE-2024-3931.json) (`2025-06-10T20:08:09.853`) -- [CVE-2024-57190](CVE-2024/CVE-2024-571xx/CVE-2024-57190.json) (`2025-06-10T20:15:22.247`) -- [CVE-2025-23102](CVE-2025/CVE-2025-231xx/CVE-2025-23102.json) (`2025-06-10T20:07:12.893`) -- [CVE-2025-44044](CVE-2025/CVE-2025-440xx/CVE-2025-44044.json) (`2025-06-10T20:15:23.817`) -- [CVE-2025-4652](CVE-2025/CVE-2025-46xx/CVE-2025-4652.json) (`2025-06-10T20:15:24.553`) -- [CVE-2025-47176](CVE-2025/CVE-2025-471xx/CVE-2025-47176.json) (`2025-06-10T20:15:24.203`) -- [CVE-2025-4840](CVE-2025/CVE-2025-48xx/CVE-2025-4840.json) (`2025-06-10T20:15:24.693`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 67c4e91c3f8..7a031d9f007 100644 --- a/_state.csv +++ b/_state.csv @@ -209756,7 +209756,7 @@ CVE-2022-4385,0,0,e8b4e2410cfe63eeb4bcbcabc4ca3915e6daad03830092325a0bfa5b6170d6 CVE-2022-43850,0,0,2b87c8e3ff800d3b638cd7c06b6611d053357dbd4e2331ccd989283b7fa5ef2d,2025-04-15T18:39:27.967000 CVE-2022-43851,0,0,ca5e97e653c3d3fda024e9e86c7bdc37a420abbf9da4f07ff1e40f509e65ea22,2025-04-15T18:39:27.967000 CVE-2022-43852,0,0,ebdc368d84f3016d163259bea9b56b0f45eda0b76893462e34bbfc09085a858d,2025-04-15T18:39:27.967000 -CVE-2022-43855,0,1,dcd596c29370422c61ea5eec00a0cd79e3caf360cc623caac1374e22c074cc57,2025-06-10T20:15:21.210000 +CVE-2022-43855,0,0,dcd596c29370422c61ea5eec00a0cd79e3caf360cc623caac1374e22c074cc57,2025-06-10T20:15:21.210000 CVE-2022-43857,0,0,c2306b55f2b4c37a83b047fd2388728e99b12612bc990aa59fe7703ba18ae695,2024-11-21T07:27:16.837000 CVE-2022-43858,0,0,f37263e6c9a749dffda738fdd0099cd194b151233806de545336aaf55f4891b9,2024-11-21T07:27:16.990000 CVE-2022-43859,0,0,fb5fcf2008667bf8e36fcb4c86b0d5f159050715bb8a549a5cfbc9fc72c9e289,2024-11-21T07:27:17.153000 @@ -264882,7 +264882,7 @@ CVE-2024-39306,0,0,8e446f8cd38382555b776a84edd1102287cdb22d9e95652344c53f12d26a9 CVE-2024-39307,0,0,54fef08c46653f6e61b6f0cd14a692daff3eb07244b26dc42dd314c57d353922,2024-11-21T09:27:25.713000 CVE-2024-39308,0,0,5e2a254789b6adf99c0777cff7acf6dd961d09c4b36426a3aeec492e329363b3,2024-11-21T09:27:25.837000 CVE-2024-39309,0,0,05dddb230d488a4715733b5828a558e0d37a47d27fd705c4212d0a536cb382bd,2024-11-21T09:27:25.990000 -CVE-2024-3931,0,1,f553904db358d69cb5020f261a83091b27e3f8e1734a2d71233128d75e944924,2025-06-10T20:08:09.853000 +CVE-2024-3931,0,0,f553904db358d69cb5020f261a83091b27e3f8e1734a2d71233128d75e944924,2025-06-10T20:08:09.853000 CVE-2024-39310,0,0,09dc0d6f8f165690ce5741ca2ed6e9da3275d325f18578ccaad0e38dbe7b8f91,2024-11-21T09:27:26.120000 CVE-2024-39311,0,0,ebf789116a74eb2a4f5371006bc49718c2bb9a41ce67f4e999602b1ddee53657,2025-04-14T14:24:49.550000 CVE-2024-39312,0,0,244e5eeda7d77b8f762732664cb450aa8179af57ae55ef58be1fa7ad940fc27b,2025-04-11T14:09:48.327000 @@ -266448,10 +266448,10 @@ CVE-2024-41482,0,0,0a596a5cf7b27067c86547cf8e385cb1be782f18b5f9b3af58ba9ccf7350b CVE-2024-4149,0,0,ce35c5dabaf9e62f62b27cc2db90363703ad2249bc96cfb9d4c9aa830d3e1498,2025-03-26T15:15:52.433000 CVE-2024-41492,0,0,0f8b4f7028b46594d815901b3c46f498a5d62420cc14f100e4b212c233005a09,2025-04-07T17:27:14.087000 CVE-2024-4150,0,0,2e8c0a57bcb392581939b062355027d1d8486c47fcac2388b6838611dbf235a6,2024-11-21T09:42:17.333000 -CVE-2024-41502,1,1,5029d7ae53258a3cbf50ec4c92c2614074d439128dd03a3ee865a2a5eaf5fd4d,2025-06-10T20:15:21.470000 -CVE-2024-41503,1,1,3f2bf3e731d782e3e7ef0d8c1c0b40b826a768bdc0773a433e02bd2f6c25b5fb,2025-06-10T20:15:21.610000 -CVE-2024-41504,1,1,37067d42d1b425849206a99c4fa3d1a775facce230487c29a50bf5bc10a01177,2025-06-10T20:15:21.733000 -CVE-2024-41505,1,1,123247ab5738cc46457400910d8683f2f005356335856263f36c4cc9a0d308a4,2025-06-10T20:15:21.850000 +CVE-2024-41502,0,0,5029d7ae53258a3cbf50ec4c92c2614074d439128dd03a3ee865a2a5eaf5fd4d,2025-06-10T20:15:21.470000 +CVE-2024-41503,0,0,3f2bf3e731d782e3e7ef0d8c1c0b40b826a768bdc0773a433e02bd2f6c25b5fb,2025-06-10T20:15:21.610000 +CVE-2024-41504,0,0,37067d42d1b425849206a99c4fa3d1a775facce230487c29a50bf5bc10a01177,2025-06-10T20:15:21.733000 +CVE-2024-41505,0,0,123247ab5738cc46457400910d8683f2f005356335856263f36c4cc9a0d308a4,2025-06-10T20:15:21.850000 CVE-2024-4151,0,0,337c26dffc6a0b1164159cb60fac00060ef9443ae253113be62690b03c8c28be,2025-01-31T11:15:10.620000 CVE-2024-41511,0,0,6347d6e8bdca9e61881aa8b3e3ce915cd91cf5be437f01825e5d12236e6d66dd,2025-06-02T17:41:35.250000 CVE-2024-41512,0,0,6c48f03f5a62a673b28167efa2657e1883db56964e6cb4fe91d57cc6cf6d0d2b,2025-06-02T17:40:46.877000 @@ -277852,7 +277852,7 @@ CVE-2024-57184,0,0,3fd914158434721c2565c1759ef928a3f64e92f246b28f05ed1e4a71635f0 CVE-2024-57186,0,0,3cb7bfc921c90a0c2e8bf89e93b21235b5460fce01f59754b641c8ef5841e3b8,2025-06-10T17:19:40.367000 CVE-2024-57189,0,0,4fc162f08873672d8151f27900e054f69ae2c9ba29a1ff213a01b33fcfcbe787,2025-06-10T17:20:09.367000 CVE-2024-5719,0,0,3d2db656c5d1f0a79b62bae36bd1cd10161f3160ac0d855266c2bbd4d021243f,2024-11-22T20:15:10.450000 -CVE-2024-57190,0,1,08b9e89723ba8456142ddb25972cfe6f270f1b34e7110981d2b565e32a3de4f9,2025-06-10T20:15:22.247000 +CVE-2024-57190,0,0,08b9e89723ba8456142ddb25972cfe6f270f1b34e7110981d2b565e32a3de4f9,2025-06-10T20:15:22.247000 CVE-2024-5720,0,0,eb323a155cad85d456bd7c0f7894b5f9589ce98c04e2db5736a7c40744f539a9,2024-11-22T20:15:10.563000 CVE-2024-5721,0,0,f143dbbb695fa9f83fd9d3c9d9d3aaa920ced069d4617f7e2c69a39cb694b5ad,2024-11-22T20:15:10.677000 CVE-2024-57211,0,0,98fcb4c7f26e4032b5a1184446b4d799208b39be2e033c671a8c4b297e19eeb9,2025-04-03T15:48:09.543000 @@ -286113,6 +286113,7 @@ CVE-2025-22825,0,0,c21ca5713a1aa3bda508edf6d7ba0513358e0245a32198c391997dcabc4fd CVE-2025-22826,0,0,36b6e140cfbfa94ee1e1f9414c9bba12f6b84f8e81d4c4eb37d1cc60556b529d,2025-01-09T16:16:33.047000 CVE-2025-22827,0,0,3baed988c384781b752e63a63aac2d02b4618a6f769d736ff71142b8ba1a8f98,2025-01-09T16:16:33.200000 CVE-2025-22828,0,0,327d4fbb4775debb7974f74b72faad2a6d9350ed385605b18892cfc7691fc3c9,2025-01-13T19:15:11.373000 +CVE-2025-22829,1,1,0a7f1becaeb595ca3e2f137c511ab2aa4cfed7e1bacf91df0d2d27997034adbe,2025-06-10T23:15:22.740000 CVE-2025-22835,0,0,5a3dcbb0db6caed0d293b2385a1d98cd90d73989d0608fc471dc171b2ccb9358,2025-03-06T18:08:28.420000 CVE-2025-22837,0,0,44b033dacb8e2726df0092d557d37995eccde71edf39d22fec862e0e0c807b9a,2025-03-04T17:38:12.983000 CVE-2025-2284,0,0,a99b6d1d0585ef43d03ac2a1a40107d3d7d4c664c60666054e04a866b639d809,2025-03-13T17:15:39.150000 @@ -286299,7 +286300,7 @@ CVE-2025-23099,0,0,76197de6f7075c8d8a9f0fc39558cb7eedbeb1e6ce55a9cdbe78882e1931c CVE-2025-2310,0,0,1254bedeef285364d4ce4cc304a3b27319f0e76b0b0498fd69d05aba0b6f3806,2025-05-28T18:12:42.130000 CVE-2025-23100,0,0,46b37fe2c3228425bf3c04fe972bc0cdefe57e7dc18dacde4550fc6f81a56a37,2025-06-06T18:45:16.443000 CVE-2025-23101,0,0,cc19cf5c7434529aeced05e986d69324969dba24b6a740d7f092ac779d3d70fd,2025-06-05T20:12:23.777000 -CVE-2025-23102,0,1,49abde4781c7970c0963b4225909dbd07917e4ed564029a579d5c8c20b131ddd,2025-06-10T20:07:12.893000 +CVE-2025-23102,0,0,49abde4781c7970c0963b4225909dbd07917e4ed564029a579d5c8c20b131ddd,2025-06-10T20:07:12.893000 CVE-2025-23103,0,0,af7de4223ee48e5d5418763433d6687e1e0444809ae878b4ad8a4335b22ba78e,2025-06-06T18:49:19.250000 CVE-2025-23104,0,0,5a4215e79ac958e04815e0d83cdbdc0822de3272f45b4d0aea0c06e194c03746,2025-06-09T14:15:22.403000 CVE-2025-23105,0,0,0cfe1826e7f6e2704ce0e8c0045a2d064cd7652071b287e953f8c489e8a22a74,2025-06-04T14:54:33.783000 @@ -288712,6 +288713,7 @@ CVE-2025-26512,0,0,27e124c5aa10b0f0b92c8ca055b8cbe842cdfbec5e8c61f840784c35c80d5 CVE-2025-26519,0,0,189b0c6946f901ee4eed556955000825a3005cbd4fd73b84bf5b1493f77b4b5d,2025-02-14T17:15:23.090000 CVE-2025-2652,0,0,ae6e16616be52d3538ce00377479a8c5ef0414a0c53d8e7631810155f48f2da5,2025-03-26T15:16:11.270000 CVE-2025-26520,0,0,292c9caba6f38831a4be980034f0f7cdde695fdbb1f85a1136d15679c0c9d4ba,2025-03-03T14:52:47.173000 +CVE-2025-26521,1,1,cdc81ec5afb63914ad407c304994a2b4e474bebe302d8fe6d668dcbca4d44fc5,2025-06-10T23:15:23.840000 CVE-2025-26522,0,0,15654b8dc281e5e95b6cb8d0b0449d89135cfca68e40163629b408b401b71985,2025-02-14T12:15:29.583000 CVE-2025-26523,0,0,9eb8004a3f0db5f271f82a4160bc199ec38e8d40fc177becbe2105cc644170be,2025-02-14T12:15:29.723000 CVE-2025-26524,0,0,e4675579756d8bf50fc8a11fc92dcb6c0f4393fb284e95c0369d48074177af48,2025-02-14T12:15:29.887000 @@ -290904,7 +290906,7 @@ CVE-2025-30512,0,0,830ca9aa3d060fbfd3176f9d9f5c7cd3b5eb14a6890ffb225ca2f7e33b59a CVE-2025-30514,0,0,191fbbadf6252574a267c8157cf87ff8e05e4c53e45be9178ae9e940181c57b2,2025-04-16T13:25:59.640000 CVE-2025-30515,0,0,614960604329a0eaed1a817027e1b09f610d68c4507b5268d02b65ad0e798c79,2025-06-09T23:15:22.273000 CVE-2025-30516,0,0,6e9088ba36985b7325f51c1d3c78cbc79ac0a2c6c97bf904fbc9eebc8d7f06b9,2025-04-15T18:39:27.967000 -CVE-2025-3052,1,1,30918acacf864df6328e2c8ee8fadea06c6002472676998b0d8330e0b424f554,2025-06-10T21:15:22.450000 +CVE-2025-3052,0,0,30918acacf864df6328e2c8ee8fadea06c6002472676998b0d8330e0b424f554,2025-06-10T21:15:22.450000 CVE-2025-30520,0,0,36202f4247a4e2c05ed8fe3c2794dc6deb26ec20b4118dea06db3314c5e3a395,2025-04-01T20:26:11.547000 CVE-2025-30521,0,0,eee2f839741a5e176cacf865cc6d42d2df432fd3f60c0ff1d8e1355c4ac5b964,2025-03-27T16:44:44.143000 CVE-2025-30522,0,0,ab298bed764aa241f7fdd86556fbb1b68374df7068fea4de0fc7d11feb11540d,2025-03-27T16:44:44.143000 @@ -293347,7 +293349,7 @@ CVE-2025-3591,0,0,9faf0d8d54afa4d861e787bba12e728bac4244da2f6db382b13f6aac7674e6 CVE-2025-3592,0,0,3766f02a8a9b7546b3744ae601fb2a46406e95eb867e2ef9712274445e3cdb7b,2025-04-15T18:39:27.967000 CVE-2025-3593,0,0,a01f66982e63d1a9077a22fb9d3bb17c3788e9968a5ce8acfaa25734a955883b,2025-04-15T18:39:27.967000 CVE-2025-35939,0,0,6a840d2678de0b0635b0f573a4e0aa98890f3ce611bcae157f676530014eaaf6,2025-06-03T20:59:34.117000 -CVE-2025-35940,1,1,99035063dad9daa4cf8431584bdae2d17fb96f782e0199a539be51e489d8b53f,2025-06-10T21:15:22.210000 +CVE-2025-35940,0,0,99035063dad9daa4cf8431584bdae2d17fb96f782e0199a539be51e489d8b53f,2025-06-10T21:15:22.210000 CVE-2025-35965,0,0,4aa642d84377cde687111c4598cf1eaeacbb56cf1c939bfc9602ea66c09fbf1f,2025-04-29T13:52:47.470000 CVE-2025-3597,0,0,d7f16eae83f55d018cc2fc04d9f80eccf613371d509c7f99733ac01645d2c6f1,2025-06-05T14:27:53.477000 CVE-2025-35975,0,0,ff6f53919e1d0edd41e3d119f9454f71c4e7dd5f4908d853817e3fb24cd36fe2,2025-05-02T13:52:51.693000 @@ -293437,7 +293439,7 @@ CVE-2025-3682,0,0,de57eace49a6d27204917c5ceecbe658fdb389a40602552630be6620ebd4bb CVE-2025-3683,0,0,806199c36683a1a495080faf4f821b587dc0a352eaa7192b73d771799e75d407,2025-04-29T20:18:17.860000 CVE-2025-3684,0,0,7836d98df2297c3ae4c00520b5763d5507d37fc0ab3fa0fd3ea28ab66ce84d57,2025-04-24T12:58:54.257000 CVE-2025-3685,0,0,3a67948a7766390cea93599c00e3b1b3041acf42fb5dac717813d68e2a48374a,2025-05-28T21:09:35.543000 -CVE-2025-36852,1,1,c70781909b19793c26910421923d022f6407a9e375a97ff759b401a02be143af,2025-06-10T20:15:22.877000 +CVE-2025-36852,0,0,c70781909b19793c26910421923d022f6407a9e375a97ff759b401a02be143af,2025-06-10T20:15:22.877000 CVE-2025-3686,0,0,b12d874696b4c56b951e5f5d604ca0ae05aa4221e4a7df5fdc60a7a8c1ba7455,2025-04-16T13:25:37.340000 CVE-2025-3687,0,0,5c6850d14ad0b944b323e811f12955f48cd1349682a0b58df031474842b9b2df,2025-04-16T13:25:37.340000 CVE-2025-3688,0,0,0c5a9c39d0a46b352ad26209271a79a845e7971d7d876bb2609e071b04f68cc2,2025-04-16T13:25:37.340000 @@ -294864,7 +294866,7 @@ CVE-2025-4403,0,0,a597524215bcc55cf95efb619760b46f4cfae80b1fccf565ab77d2156ec462 CVE-2025-44039,0,0,e526d2ea964b8df9e1d271dd8836298e821a1312ecb07527aee6d82ed8db4da5,2025-05-13T19:35:18.080000 CVE-2025-44040,0,0,b4bc9c9a135c852b34fde590233a20aefa279834e43ffbaee5fef18c63b73890,2025-06-10T19:34:47.497000 CVE-2025-44043,0,0,3036defbb851adc12433efe80e5fc6191550dd660e310fbc4032bb52cddd3b0f,2025-06-10T16:15:40.823000 -CVE-2025-44044,0,1,f5c59ec6996436edc8b5e5be096c22250cd11f88ecccdb3ada909a5383bff0e0,2025-06-10T20:15:23.817000 +CVE-2025-44044,0,0,f5c59ec6996436edc8b5e5be096c22250cd11f88ecccdb3ada909a5383bff0e0,2025-06-10T20:15:23.817000 CVE-2025-4405,0,0,a4c8d39da5071a2f65ae4b241bc012dd3778a87eb537de1f84f3ff1327d39e13,2025-05-23T15:55:02.040000 CVE-2025-44071,0,0,2772db9d2d7dc3a2f1886d3495d15be2a65239054354b12c18090ea5927d54cb,2025-05-13T20:03:39.143000 CVE-2025-44072,0,0,66cb314272334a06d99ce1609f65344916890c52ec9c458ff627cd7071565ba0,2025-05-13T20:05:16.493000 @@ -295420,7 +295422,7 @@ CVE-2025-46516,0,0,4c88ad304f0a3200cb6dc067922e69e11f23bef3885f8612be34edd9304b4 CVE-2025-46517,0,0,e00d3386df3e4b7181f0c929b08e457a807826ffd3ac273de6467947811d8ead,2025-04-29T13:52:28.490000 CVE-2025-46518,0,0,8ff37657d40d28b7e43670dec8250c937bdcb35627142fe4e1a4550710ea863b,2025-05-23T15:54:42.643000 CVE-2025-46519,0,0,a33ce7fa0944b2cff6a953c93d911a59cad0e41e0288c75a1ef712b260164b09,2025-04-29T13:52:28.490000 -CVE-2025-4652,0,1,a73d399faba425757c68319d9d66cd30311731e3fb0ce5638e154fa6fcf0c4df,2025-06-10T20:15:24.553000 +CVE-2025-4652,0,0,a73d399faba425757c68319d9d66cd30311731e3fb0ce5638e154fa6fcf0c4df,2025-06-10T20:15:24.553000 CVE-2025-46520,0,0,1c31d6dbbd3e5241ef4e2c12464d7caf8aa9991d18bc3f254623825eb9b8b54c,2025-04-29T13:52:28.490000 CVE-2025-46521,0,0,c218263f26834f6156811624211affe72a1577541fc4caa1b57a6d05a3e214a1,2025-04-29T13:52:28.490000 CVE-2025-46522,0,0,d3d2527c85c582d99da6bcb828f5f2b083bd408e3a5301718b05fe08113648f0,2025-04-29T13:52:28.490000 @@ -295620,24 +295622,245 @@ CVE-2025-4683,0,0,04e0e55e63a81a7f7e78b9edd02b0cd9335ab5a746197d4d81ab53a33313ae CVE-2025-46833,0,0,c80dd4df89ed1d9904a340fdabec8ad2db7d55e381346ed4e99c9bf921e12b91,2025-05-12T17:32:52.810000 CVE-2025-46834,0,0,eb9d8380a75c8996d4d833628ec9b8597e1a106d35c070448419534197001bee,2025-05-16T14:42:18.700000 CVE-2025-46836,0,0,634901c54fe4e9e284ebde4bed08aa69fbb4913cece33372bea06dbd6a8c3913,2025-05-31T23:15:20.400000 +CVE-2025-46837,1,1,4f2b25b74d7be1f28c25e625a2b4508b77b08cbce0cb8155628f3b7b94248b9d,2025-06-10T23:15:24.043000 +CVE-2025-46838,1,1,5e750e769a0997bfe3028081571cd640f1ca55bcafdadf85328b16e46d5dea2e,2025-06-10T23:15:24.197000 +CVE-2025-46840,1,1,974c5cc96bd6b0b1fa7c5d0de741f5d65f712cb1cd5dc464d9101749efb9ff30,2025-06-10T23:15:24.350000 +CVE-2025-46841,1,1,7bacbfd93afc20271a86d5628c495d7410575e680eb4491363d9ce8a78c42ddc,2025-06-10T23:15:24.507000 +CVE-2025-46842,1,1,c244cc9718e410a0854fa3633d01218b35f06b04d902a5ba0f78517246076122,2025-06-10T23:15:24.667000 +CVE-2025-46843,1,1,05ce10e86181ee5731c37f62055af60d4adf087689b059ab40bc93596ea7240b,2025-06-10T23:15:24.817000 +CVE-2025-46844,1,1,ccacb4c472a24c2f77d508b3e2d42df6397773c8f291f41e3e17e8673b672441,2025-06-10T23:15:24.967000 +CVE-2025-46845,1,1,afe2cc172d557f6c68698e9dcff6b75a57476d310d0fec3ac68b15ef02eb3014,2025-06-10T23:15:25.120000 +CVE-2025-46846,1,1,acb6fa80736d17864e0f9580b73060aa5bd8e4afa774d681f701a8b5f6623782,2025-06-10T23:15:25.273000 +CVE-2025-46847,1,1,a9433988569eaf497239199c86e2e9013da5916d34a1a6ae586b4a16ad08945c,2025-06-10T23:15:25.423000 +CVE-2025-46848,1,1,1a0de7950b262acb85958d058acf3e3817776939d5a162689cb3a0df79a58ee2,2025-06-10T23:15:25.580000 +CVE-2025-46850,1,1,e77f6b7023b1892251d1c397ebaa691db65338bbd6fc62ffd57c654be9ee80f9,2025-06-10T23:15:25.733000 +CVE-2025-46851,1,1,68478feeaee917e6f770ae0c9423862ec899602a60f2a593cf1ee063e41ee1a4,2025-06-10T23:15:25.897000 +CVE-2025-46853,1,1,545ba05056f44aa7637a1564298966a24206ae0207b3093d8979c7be1b7f7b86,2025-06-10T23:15:26.053000 +CVE-2025-46854,1,1,cb6df00ce6f30d8df23c20a74f7a92d6e99cfac0a1e30d4958952620a02592c0,2025-06-10T23:15:26.210000 +CVE-2025-46855,1,1,b1fa254c64a0d0622942a92075d5b5e99f1f5c4004ad43f49100449c5885759b,2025-06-10T23:15:26.367000 +CVE-2025-46857,1,1,40c273a3173ff74b11dd5a577ea2935c01945b0f2156c73be5c92bae4403c454,2025-06-10T23:15:26.520000 +CVE-2025-46858,1,1,c4d59b06f5a7446a849aade08643cdb684906304aca00f98d29d5c5379cb88b2,2025-06-10T23:15:26.670000 +CVE-2025-46859,1,1,fe8f484bccad75fec6b625bbe3b14d956af42aee5b04a04d3e95ec404c6f8baf,2025-06-10T23:15:26.820000 +CVE-2025-46860,1,1,6dd8f8c26f580907d97f0eb084360405ee9757e85af6a22006c88a76c5c10434,2025-06-10T23:15:26.973000 +CVE-2025-46861,1,1,bbca68ee86a4f121aa13a55fdce5d202e0d2c8721ee0973a6340035a2a9b703d,2025-06-10T23:15:27.120000 +CVE-2025-46862,1,1,03237ab90a987df48df011a1ff8acbe0a45e9b1d762dd55507d9629bfc96f555,2025-06-10T23:15:27.280000 +CVE-2025-46863,1,1,1796ab799542846644375410ba99f0970b3741666c13772694db79987a1a0051,2025-06-10T23:15:27.447000 +CVE-2025-46864,1,1,0e14df11d9b6c5e263d1c9fd8e71cfa9ff0c267ec2e49ca6da1b359bd33d0990,2025-06-10T23:15:27.613000 +CVE-2025-46865,1,1,fc69cf14a780ddbf139d407be8d95af1ae710a42890277ede80daccbbfdd4f5a,2025-06-10T23:15:27.767000 +CVE-2025-46866,1,1,b0d47c0f0d78727088e13bc9ee88d5426cfd34cbf04decb0c25c26f9c8c3094b,2025-06-10T23:15:27.913000 CVE-2025-4687,0,0,1640607bc7fe5794fbf2fa14f9879451ac745ec329229aee355cca70f8ae7d84,2025-05-29T14:29:50.247000 +CVE-2025-46870,1,1,1d6b549dbfc1b896f8272288eb1eacc622aec51ea4e3287bcb3f075802e623b8,2025-06-10T23:15:28.080000 +CVE-2025-46871,1,1,a686f254d95dcef7ce4da8a4677e2e8464efc3edd519aa38866412c189447796,2025-06-10T23:15:28.237000 +CVE-2025-46872,1,1,26448e2c38bc088714a41a5675ea8ac249511ab081de4efa7534bebe29cd6ca0,2025-06-10T23:15:28.387000 +CVE-2025-46873,1,1,9a0f1d4449450922e9870d2a0eb52e79fb3493fd8e0e53aa9e3c15d8ce09025a,2025-06-10T23:15:28.537000 +CVE-2025-46874,1,1,ae9933ee40a593a442e475959c3945f4e1c5541055f4518d00c98a265019f1f2,2025-06-10T23:15:28.690000 +CVE-2025-46875,1,1,23bfb3855dc1445118a1a80611f4396af7ddb47e2d4443f54ea0c1c8f6df1612,2025-06-10T23:15:28.843000 +CVE-2025-46876,1,1,6b3ef841ca4edc309caffdbf7de4c2b0bd8a2b8f9a6070ab1659f8b2a53a65ac,2025-06-10T23:15:28.993000 +CVE-2025-46877,1,1,e9b46cc876e0493bca185a3d5c5d17613fa8c2d1e3ab1a1bef46a5d9a056ded7,2025-06-10T23:15:29.147000 +CVE-2025-46878,1,1,e8a8263dd88835d5969af7a63fd20c336a2c36089f3b7cb1effe38ce5bb23f3d,2025-06-10T23:15:29.310000 +CVE-2025-46879,1,1,1c5b8f4e47bc950cf85ed84c493e10b717622b7266602f35e49d7d7184b639a0,2025-06-10T23:15:29.503000 +CVE-2025-46880,1,1,c4c261b0fc4961b31176cb7c94a946ed8f567a46d6d9b6d3140a4787daf63134,2025-06-10T23:15:29.660000 +CVE-2025-46881,1,1,f04c7a955ac03a7878ec475bd54bc83324c88c8cd712de09b2f61789e11db3c0,2025-06-10T23:15:29.813000 +CVE-2025-46882,1,1,499f61d5f8d093354b5280de42e318346c8c2f6d6decf991dbbd825a302a5fc3,2025-06-10T23:15:29.967000 +CVE-2025-46883,1,1,4fbc06814112742600cca6b0d119c54cec68073d80be0313084f1e9dc0b36c3e,2025-06-10T23:15:30.120000 +CVE-2025-46884,1,1,b1543211ab08e64f2c88bef9dad83575b41f9937b561d928589b050720a32bee,2025-06-10T23:15:30.280000 +CVE-2025-46885,1,1,20c4df657cdd99e86a0a013dd43a112c550e0a34ab522ac647e69728aeeda1a0,2025-06-10T23:15:30.433000 +CVE-2025-46886,1,1,2d8372a900b440b70775f4984cac4570be1e553195a322252a644528abfe3d37,2025-06-10T23:15:30.603000 +CVE-2025-46887,1,1,74711efb4008cb67fe91e75aa17b3f39e7f34b6d672086dd930bc6497d7ceaf3,2025-06-10T23:15:30.763000 +CVE-2025-46888,1,1,d97d4af0658dffbc9cf3f9299e66d8a8ef6bdcfa12bb4ab3a6e2f2e706f3e951,2025-06-10T23:15:30.923000 +CVE-2025-46889,1,1,4c191e4cfb9eadbeefe316bc8bea24f4df8b8a7cc1e37ef4d745ed63859ba9d7,2025-06-10T23:15:31.080000 +CVE-2025-46890,1,1,ed576d7c70648dcd637b93a6c29fb49ba67b12f17fcf1dee9540e451febb6538,2025-06-10T23:15:31.233000 +CVE-2025-46891,1,1,77f4e309b93263f9be624ad4c9558ccb4506954e502f7be2cda88a85af246958,2025-06-10T23:15:31.387000 +CVE-2025-46892,1,1,aa306ddc95132e7409eb28bd4b60de90b575f012b24348eaba82aa1044ca9d83,2025-06-10T23:15:31.540000 +CVE-2025-46893,1,1,9b2b8e9321272e5a581d6497c12ca27e27fdc02771e3e192be5c779ecbae68a4,2025-06-10T23:15:31.693000 +CVE-2025-46894,1,1,4ecf12e9610bc3d06c59c0c5559fdcf5a080bda2e68f2748c96a5f6c737f9665,2025-06-10T23:15:31.843000 +CVE-2025-46895,1,1,b313edaeb9494358737d7360b4fb26e1cfaef61656f0902a680bd70384cad41f,2025-06-10T23:15:31.990000 +CVE-2025-46898,1,1,0aeb149e4d155e3d9de8a21c06661f15968828409d214ddc3d5a754570a037fc,2025-06-10T23:15:32.143000 +CVE-2025-46899,1,1,acad9a7dbbd39ad597c1bbabefe75a847156e869af69544b35b4c0b6a024ce43,2025-06-10T23:15:32.303000 +CVE-2025-46900,1,1,e6d5016de4f6d0160f0a405ef87953a8fdf8a2e9bdf687d58b5d2813937f550a,2025-06-10T23:15:32.470000 +CVE-2025-46901,1,1,6211626e435c87f75a7c955fc75c1a551ac5269356e30515e9e3250b9b2fcf06,2025-06-10T23:15:32.623000 +CVE-2025-46902,1,1,c23e3a872cee02efddf403115269ec0720d528dd4757af0f539422b8ec3a8eac,2025-06-10T23:15:32.777000 +CVE-2025-46903,1,1,f195d2626d01a46baa1b43cb6eb1642a44cc93074000061b52bda10b2787d50c,2025-06-10T23:15:32.927000 +CVE-2025-46904,1,1,9a40435bf75e451e8f91bf1ae768ac2f376dd934bff8a0b9c6d603fc64d960c6,2025-06-10T23:15:33.077000 +CVE-2025-46905,1,1,98f1b2290607ce808d8e00ad6582a02ba3d6f1c562f7045c5a39c60d6b88537c,2025-06-10T23:15:33.227000 +CVE-2025-46906,1,1,8456211249fd6a41043c76c119ddc1cf156b79a8283eabc210c8fa4786e4b492,2025-06-10T23:15:33.373000 +CVE-2025-46907,1,1,f0ead820e7be12a81f5adce99c67888dcd2a058e800ba120077cab2c1bb0f5a4,2025-06-10T23:15:33.530000 +CVE-2025-46908,1,1,0725bfe19ca0f0dc21eaee35a237e305bbefb8a10390781c716a674b9a843430,2025-06-10T23:15:33.680000 +CVE-2025-46909,1,1,7680448cfe48382534238a905542d7774bb164eec178e788b5d0bed1050100e2,2025-06-10T23:15:33.830000 CVE-2025-4691,0,0,b02baf04a7dd36e1a54efc1a282abf13a5a0c5c5e16bda7b9e49ae577dd413d6,2025-06-02T17:32:17.397000 +CVE-2025-46910,1,1,913e3f244a2b1aabe438dcc71cc9614e61b403590b8c5ba0a4fed23471166fd4,2025-06-10T23:15:33.977000 +CVE-2025-46911,1,1,7d62c386729a5fbd7d5053b30d8904b87243b23bfa0bf4b4baf4aaae6e079604,2025-06-10T23:15:34.127000 +CVE-2025-46912,1,1,29f2d24bf6bc9a7a96c6af5893f15ae436ca36e64993bbcdd32baf09f0c6c5da,2025-06-10T23:15:34.273000 +CVE-2025-46913,1,1,83d5e65c5f9f8d8f4f95b47bc7a45299630432ca9f76e7a8b4318ad1ba3d4b6c,2025-06-10T23:15:34.423000 +CVE-2025-46914,1,1,261968d0233456dbcc2077dac1364d5a0231c4333b1543f18a6496df9477d50c,2025-06-10T23:15:34.570000 +CVE-2025-46915,1,1,d2bee33f8165af281e87acc451a05af98f0347cce196c73e94851b2d0fa26bec,2025-06-10T23:15:34.723000 +CVE-2025-46916,1,1,8e4d1491361181ca85d09c231c825010cc9e0ed65e9d50340b793d4367faed38,2025-06-10T23:15:34.877000 +CVE-2025-46917,1,1,595e033c751ec61e5fabfa4c67eff58793d74c868507072a149f33ba1b8c587d,2025-06-10T23:15:35.037000 +CVE-2025-46918,1,1,43a845c7ee81b458a8ca9e8b5e9f0b24527448307457414bdb11d04a9092c880,2025-06-10T23:15:35.187000 +CVE-2025-46919,1,1,4bb284e06d56ae25d4b081984c84691572afb0cf546977fde8a26d117ad82da7,2025-06-10T23:15:35.330000 CVE-2025-4692,0,0,6b3541c77076c4057b96e95cd4d05354ec769644d2ab1b6cb8b6a2615ff8f8d7,2025-05-23T15:54:42.643000 +CVE-2025-46920,1,1,88a388050bc631f42b9dc3e4bf1848860d7f53bf14ae509fe4552e8682db0961,2025-06-10T23:15:35.483000 +CVE-2025-46922,1,1,ce6936d5ee47ab56911b1172f0b509e8007c5b5b1327bcb7e2434b0f6340a408,2025-06-10T23:15:35.640000 +CVE-2025-46923,1,1,20daebc1c961585b1959091072f828af2ca6893a2983731c3c34153b1e91e094,2025-06-10T23:15:35.797000 +CVE-2025-46924,1,1,c2fc9c35605fa6bd6e6088e099a14e046cc89530789c61b3cbf98dfcb1ae15f1,2025-06-10T23:15:35.957000 +CVE-2025-46926,1,1,1988887ec4363958fc839850d1a642998808b2226f44c79e7757698a1c924988,2025-06-10T23:15:36.103000 +CVE-2025-46927,1,1,eae05416edee013967099195b6c343f59650a6e1645033609832b150158d3bd9,2025-06-10T23:15:36.260000 +CVE-2025-46929,1,1,456ce6a516c5be8957aeb82691d6ff6a33195272401fa7dc617b1fc34b739431,2025-06-10T23:15:36.407000 +CVE-2025-46930,1,1,ff989944a73af555dcffd08aa86b9587bb46ff3c37d72129740d4561db1447c4,2025-06-10T23:15:36.553000 +CVE-2025-46931,1,1,c51bf7a13395e987dbee0cb70ca54ff1bcfbb803abaaa2f05ac905a316c4870a,2025-06-10T23:15:36.700000 +CVE-2025-46933,1,1,fc289ac425c9a76c71d0002c9d2f8cd92612c7184363486c63e4e646710e241a,2025-06-10T23:15:36.853000 +CVE-2025-46934,1,1,23a4e9a03cfbe5eefec64ccb7559b03acb7da3e8fc755fe0fb0001a879938063,2025-06-10T23:15:37 +CVE-2025-46935,1,1,7087cf21293dc643f0272ef68efff55a69d5e07f99ee6b4a4146302ef4444fa0,2025-06-10T23:15:37.147000 +CVE-2025-46939,1,1,b6208b7fae4fd206efa0a4f93f83f2c93885f83f56f66f65473d2fd9637437ad,2025-06-10T23:15:37.300000 +CVE-2025-46940,1,1,48650729c09f6f0b017affc708ccee9f824b78e25ddd0c5e4289f3e699f92fc7,2025-06-10T23:15:37.450000 +CVE-2025-46941,1,1,210b079bd5e34a354112dd1444f554d91bdbcc9728a77a60e52019a04823026d,2025-06-10T23:15:37.597000 +CVE-2025-46942,1,1,e8373d3c154b05542523f83c9409f6c569875ad65f65ed6223cc3734c7bdb1e4,2025-06-10T23:15:37.743000 +CVE-2025-46943,1,1,e94d53a57f4e8c3e38ef0c65f4bc51d59444b9dbcb597a5f3d845b2210568292,2025-06-10T23:15:37.890000 +CVE-2025-46944,1,1,707ae4f54c95dc4d6ab51e40fab62750477f9c5fac9ccd806e27d6e52538b7cd,2025-06-10T23:15:38.040000 +CVE-2025-46945,1,1,45c9e7902332721a64fb86ec6f07615bcde87a5dac2cba49efb5d5c877579ea6,2025-06-10T23:15:38.180000 +CVE-2025-46946,1,1,d8be5d93970f2fe6e16a2c784387182d6a6392cad57a73d7745cb9f19eaac1e9,2025-06-10T23:15:38.330000 +CVE-2025-46947,1,1,fa3ab46528f466fbbe6496d811066d8ad54deeafd0932bfd63bc59f09053058d,2025-06-10T23:15:38.477000 +CVE-2025-46948,1,1,d9d4c5b58d8af51ef8d2cc016f65b26dea23dafdea9b78775d34cb60317e05ea,2025-06-10T23:15:38.623000 +CVE-2025-46949,1,1,ef5a36529193d909e14b036aa027166ced18f5aa043772377ab27ed2b0bf99b2,2025-06-10T23:15:38.770000 CVE-2025-4695,0,0,0a0f54d4c59f025a44c7f56cf61d2ee6bfa8db27b80bd2484bf98e0dfa12f657,2025-05-30T09:15:25.950000 +CVE-2025-46950,1,1,8f95ab9d3caf428a05943a2c0353379cc381cbd0c01e1d2471708a314ff1e0cb,2025-06-10T23:15:38.920000 +CVE-2025-46951,1,1,8b59c786b30d0fc630cc5586f2fbf1daff82fd729af58d1d8ae02d8c5dbdf1d4,2025-06-10T23:15:39.070000 +CVE-2025-46952,1,1,0adda536013c80e769c75f283b5a49d515ad5abc4476a41067aabb308d181f86,2025-06-10T23:15:39.223000 +CVE-2025-46953,1,1,497b53d371dee0ea35439f6ef38f53b385443930107eeae051caee1db5470548,2025-06-10T23:15:39.377000 +CVE-2025-46954,1,1,40e3fa6f76fc694a291b113844f87d20330782bdce8e5ba0cb3f9f707a83e92c,2025-06-10T23:15:39.530000 +CVE-2025-46955,1,1,ba8ace422a96c675367238a575e4f1db79d2dad1547fd978dde2038a2b690715,2025-06-10T23:15:39.707000 +CVE-2025-46956,1,1,2406c288f0610a2eb3456b242ffe277d4d4cb3dde01e460cb6d68e174f8a6194,2025-06-10T23:15:39.860000 +CVE-2025-46957,1,1,bbc8c6a4f9747d397676322841f773feb35241df594b81bea39b868641c4dca9,2025-06-10T23:15:40.007000 CVE-2025-4696,0,0,3c1d80c21a5ec0ac6ab835b04972aa87d384361ad09ac9685636f2795bbaa348,2025-06-03T13:15:20.963000 +CVE-2025-46960,1,1,8ec4adc5e5dff0c190260f48d5321b41eda89d79d88d896dcaa2609c2b3a5373,2025-06-10T23:15:40.150000 +CVE-2025-46963,1,1,24b50cb82f0a6ec1c2723c8fd4a991d8a04952812cb68f564c467a37fb397da3,2025-06-10T23:15:40.300000 +CVE-2025-46964,1,1,b5a0b6d2a6dd276cc28a5308c46a72b27175db5f240d2c59ac9e7ab2f0b1d608,2025-06-10T23:15:40.450000 +CVE-2025-46965,1,1,05d25fb47c4725df4ceccc7c4d1aa62e16ccc235939591ee9b0061328f94b48f,2025-06-10T23:15:40.597000 +CVE-2025-46966,1,1,c1832ab07f32fd575ba971c49e728ae77bbd3b10259b98e4cb234528cdafcb2d,2025-06-10T23:15:40.743000 +CVE-2025-46967,1,1,4fe4334253e4b6de27283306bad2945ef41bb8fe91746823d9ae18be97f4fa10,2025-06-10T23:15:40.903000 +CVE-2025-46968,1,1,cc27aa189a69b66905fc210488e4637dc9baa2ca1be71b84c2b15f17866eb8b9,2025-06-10T23:15:41.053000 CVE-2025-4697,0,0,bfbb2280e3ce953d874c6922904cbb0aa3f9380019c3332d7eae9696f7039e5d,2025-05-28T14:30:43.507000 +CVE-2025-46970,1,1,ed5b305f70764e6fb7bb07f8327275fa4367e91cc992fcd1263dda5aec85f428,2025-06-10T23:15:41.203000 +CVE-2025-46971,1,1,a6b7845d4b556ade6a26faec71cb96d520876e7b0d713e78f5c12c4939e12726,2025-06-10T23:15:41.350000 +CVE-2025-46972,1,1,8ad88dcde12efdf70b2bf6fe4a147314c692534ef728088465aed8b81b4e724b,2025-06-10T23:15:41.497000 +CVE-2025-46973,1,1,5879af8cf2d18f6b0208f2724f12f7cf31a61b4d7cd0d5fa2c166331c375da87,2025-06-10T23:15:41.647000 +CVE-2025-46974,1,1,b9945679d650e6fc55db09f3a5d270ff0929c81ab065b40707a69f90c0f9714e,2025-06-10T23:15:41.793000 +CVE-2025-46975,1,1,791b269ae4c820edae98f9a546ed5621061e716767c284ccc6211e6d197b2f9b,2025-06-10T23:15:41.943000 +CVE-2025-46976,1,1,06b0f9f328180281fb522625cdebd4f2094d011484ec8bb2a09ffbf8a583ed31,2025-06-10T23:15:42.103000 +CVE-2025-46977,1,1,a137c97c3e551ecca99dd1586d7e3bc66c6d94cb827787f44ef6a7e4c54db7fe,2025-06-10T23:15:42.267000 +CVE-2025-46978,1,1,1d6ee33bfce9a54c33301a3159e229a9739fac35937b3298f0c085e424fc5b10,2025-06-10T23:15:42.447000 +CVE-2025-46979,1,1,bbbe7c37b856f01708a6441e987b3753fa42f250fc6e80340531ca476bb382b9,2025-06-10T23:15:42.597000 CVE-2025-4698,0,0,629d6280fd3d3fe101760664e35242f9f6abe094cabf022cd7d827567767722a,2025-05-28T14:22:16.457000 +CVE-2025-46981,1,1,79c85fd35aa186314411021a3ed825a2f6993681c3399fe495299242cd01bdee,2025-06-10T23:15:42.743000 +CVE-2025-46982,1,1,83ca7f93bb2788cdb6e7d96a66f9b3135a5df546f72602d91c0ba12cd52d8624,2025-06-10T23:15:42.890000 +CVE-2025-46983,1,1,3f77f508277a370a780422bba0c70fa9a900accc545031579d63c9ba76fcd573,2025-06-10T23:15:43.033000 +CVE-2025-46984,1,1,b9813a7468a8505b9d40b2188dc6736d4b1eec69d464d6ebe43c4f4ece619f9f,2025-06-10T23:15:43.183000 +CVE-2025-46985,1,1,4cb2fca07ab437649f0738dad24154009038f2625ae5fb8e31517d2dd0fbc2e0,2025-06-10T23:15:43.333000 +CVE-2025-46986,1,1,498527b69f9b7f956b2a3931b371427c96c3b2f688ff8541cc4dd50ab1134a1f,2025-06-10T23:15:43.477000 +CVE-2025-46987,1,1,e7fe237dcb602caa08b25107a47144d3134f6f13979da0a0e08613e6cc4cfcc8,2025-06-10T23:15:43.627000 +CVE-2025-46988,1,1,8b1a5453b7fc5a107bfef7b6a846e8cf74cd234ad094d090ea77786fa1bdfb29,2025-06-10T23:15:43.773000 +CVE-2025-46989,1,1,008bdd6c191e60ecf125c7403643d2be9be444e63d22564549922826b04d62f7,2025-06-10T23:15:43.917000 CVE-2025-4699,0,0,8050368b263de08669c173a654994e653b6b74b6e1b034c43e19a012e2c34d52,2025-05-28T14:29:57.107000 +CVE-2025-46990,1,1,c851f60050c9d80db046feb85d87cc70a0874047ab7c72175f96bcbc23384c56,2025-06-10T23:15:44.070000 +CVE-2025-46991,1,1,868d7d778bffbf6a0b12b6604979705ccc2d41f78a196a91e5fe776eb96e3faf,2025-06-10T23:15:44.220000 +CVE-2025-46992,1,1,87ea70997ea2a3ab684111ac39077d89d6ed9db1d261d6bbefc5f8c37bd9cf01,2025-06-10T23:15:44.367000 +CVE-2025-46995,1,1,0b2d6014f603862c5753c609c10010c1a46d39bc7f3086efeadfcc04beaad8bd,2025-06-10T23:15:44.520000 +CVE-2025-46997,1,1,13d6ae5d40a2715d31116b1570417daef633acac9377c2705e7ba4cc18c633d3,2025-06-10T23:15:44.667000 +CVE-2025-46999,1,1,c9f5190c9795214df39d64c7ec2b4213ba88a81ca00ec82611ccfaa5197d9b81,2025-06-10T23:15:44.813000 +CVE-2025-47000,1,1,84937e808100e68704b1e43a5b93bad7abe4fb4eedafa8db13eaec45d461f79a,2025-06-10T23:15:44.960000 +CVE-2025-47002,1,1,067ae843a1520ffbbadf97d07b1c59ac312dcce9899f28aeb42d28f5e334c40f,2025-06-10T23:15:45.110000 +CVE-2025-47003,1,1,fb45d7579dabee052809e209d41370c4c76f42881bf2982f16b026a2c0db9083,2025-06-10T23:15:45.263000 +CVE-2025-47004,1,1,45fb365de005d50d178f5c8726d762d777a158f1e7bcfd2ab4bb66c2f34e3c92,2025-06-10T23:15:45.407000 +CVE-2025-47005,1,1,918de8703faa9353fda513818013dc4051a9ce3f996a1bd4ef39ccd46ea3eb70,2025-06-10T23:15:45.553000 +CVE-2025-47006,1,1,986d305f8a516d418a8a04d5f9cd0c525390a8ee8bfd9d410b854432822b8dc2,2025-06-10T23:15:45.700000 +CVE-2025-47007,1,1,af5f4ec7df3ec5e8189ab9a5e09e9e121d7ca78d5ca387180b0549a2cc7de5fa,2025-06-10T23:15:45.847000 +CVE-2025-47008,1,1,5ccb1f38cbc64fa4ec7bba4e89488f280ae677bacb3be792e6cb43ca1ef65bb0,2025-06-10T23:15:46.003000 CVE-2025-4701,0,0,32bd407607d03889daaae5a9a4c57b77ab108e30d9783654ecf30acbd4813a08,2025-05-16T14:43:26.160000 +CVE-2025-47010,1,1,6de81fefc40af7316e606aef89a01d4b1d534163c6141bef93c286414b365df9,2025-06-10T23:15:46.153000 +CVE-2025-47011,1,1,6749a1a4c2901848e5114057972bd229872f3127a73aa7f03337c6c04a67a0b3,2025-06-10T23:15:46.300000 +CVE-2025-47012,1,1,362f453198282caa60ba732d7336702ea7fe2bc88df6fd50ee412dbc1e94f9d4,2025-06-10T23:15:46.447000 +CVE-2025-47013,1,1,ea686824beecda69780a8efb1f3614710e9b632a7b1ebd1a9d9f3ce9ab28f2e1,2025-06-10T23:15:46.593000 +CVE-2025-47014,1,1,af79611874630d793368bb746c1de9a806df45a7f4ac31154574d9421806b379,2025-06-10T23:15:46.733000 +CVE-2025-47015,1,1,0c2ee22092578cefdfc30508511722b1374ee7f9c3512190a62af19cfd67ff88,2025-06-10T23:15:46.880000 +CVE-2025-47016,1,1,e14273b40923075f17677d13ff09821e9fa755a92244685a05e3da8fee993121,2025-06-10T23:15:47.020000 +CVE-2025-47017,1,1,114658b6770a621374150acdbf1acdfadadd7a13894d7c28768107836b2422ae,2025-06-10T23:15:47.170000 +CVE-2025-47019,1,1,be7a4083359a100623b6beba3e324f134a2f9703c48b694844146628694c148c,2025-06-10T23:15:47.327000 CVE-2025-4702,0,0,a35c1fdd537c3d0273121f6887d1e59bc91dde91fec44cfdd89191f0e855fae1,2025-05-28T14:29:35.623000 +CVE-2025-47020,1,1,0015e5682cc3c91a5d96eb535875c71b6fab8da39811d754025ecb1204390079,2025-06-10T23:15:47.487000 +CVE-2025-47021,1,1,3361a75db6e64a128d77637076263c224a7cc2b259594b148e4a99f5cee02c8b,2025-06-10T23:15:47.640000 +CVE-2025-47022,1,1,f3288f3d49c0572c36f50a1683e69fb1e570d7442d74e258aa4d556c3e2c0622,2025-06-10T23:15:47.793000 +CVE-2025-47025,1,1,1cd7c997afe502d6e5fc9339a2eef46b35e02dfcd89bed7dc60b3f23f4a8cba7,2025-06-10T23:15:47.943000 +CVE-2025-47026,1,1,74e7972a6b8b068afeb7ae69106630096e96286cdefe32e8b76fdce57abeff22,2025-06-10T23:15:48.097000 +CVE-2025-47027,1,1,d7a4f4942dd1c768639e23cc27bac6d5a3e1716a8a4da1e7f9e8577c945b6e10,2025-06-10T23:15:48.250000 +CVE-2025-47029,1,1,7f23714b1934b956d4cea781da33fb7ad7bf47a190e2822fa736d2d2e3a33e32,2025-06-10T23:15:48.403000 CVE-2025-4703,0,0,9154e5f924d2647867255db038c97e1cc01c61b9b675d054c50b493596e9ae17,2025-05-28T14:29:12.490000 +CVE-2025-47030,1,1,436303a5a9bd66fb15e3df3186ca3ba454abefef6b26f5f1bfeb57eb3720d39b,2025-06-10T23:15:48.550000 +CVE-2025-47031,1,1,fcf367fd43c3ba7ed8a1ce76ba0b5574cb5520419f104b7d805f05f51d4c26f3,2025-06-10T23:15:48.693000 +CVE-2025-47032,1,1,6cbd763f3cb9362f85a63b733711e94b449ee00fd1515113093a72bd5bb27bef,2025-06-10T23:15:48.840000 +CVE-2025-47033,1,1,675fb528ab36c25c066c04eb2e1c0b18be705c59d096ad46664b08898f1ec078,2025-06-10T23:15:48.987000 +CVE-2025-47034,1,1,3d2a44b07c9c718fb8bf4dca6ef6afb616f019755de1bd147de7803332c99dab,2025-06-10T23:15:49.130000 +CVE-2025-47035,1,1,7726c1a8021c11f3cce6d7dffc2835a876007dd5ef8f76913e9975539904c061,2025-06-10T23:15:49.280000 +CVE-2025-47036,1,1,07c4e75ba0129c8eef50bb8d74bb4726e824002aac775583f5559ac7efe24423,2025-06-10T23:15:49.427000 +CVE-2025-47037,1,1,2b49eb935ff75ea874c95112954d5358c9a52a45f4ac95aa326e5094fe9c7918,2025-06-10T23:15:49.573000 +CVE-2025-47038,1,1,a0fb46b4d7e3093cef571dfa9c971c56f742249336d0da91d42c6c76ea4219cc,2025-06-10T23:15:49.730000 +CVE-2025-47039,1,1,109f93b7199007d539420fee128467ff5a3ec2e2db1dbfff64e726a964cc4b5c,2025-06-10T23:15:49.907000 CVE-2025-4704,0,0,3b3641f874edd2ec2bbabed36c1c7e44703059cec950b64fa538f538dc48f77f,2025-05-28T14:29:05.437000 +CVE-2025-47040,1,1,a6fb5e30dc5541dfd41dcb31eb59338027bf047f59f86d9a54efe9ee5fa9716f,2025-06-10T23:15:50.060000 +CVE-2025-47041,1,1,fcda175c41a3624dc9d535fcf69704ddf5dbba517ce5c7c3485e7e4057e7467b,2025-06-10T23:15:50.203000 +CVE-2025-47042,1,1,db9d05b6efd0c0bfe8e7c6225fb5e03d781dbdc809067d8f44b20059e3173ff8,2025-06-10T23:15:50.353000 +CVE-2025-47044,1,1,c84890e62e2fcf2494568197558eb8ae8e8cb3d594339dd2428fc8374fbc9c7f,2025-06-10T23:15:50.510000 +CVE-2025-47045,1,1,d0299f1be23bec41286f1c322c530764b44895ff26cf6464a45059045470f5d8,2025-06-10T23:15:50.660000 +CVE-2025-47047,1,1,828318a61ec4facef6dd5d9c29dc7cd9c3574f1ccf48af092f1be581eaf0c31c,2025-06-10T23:15:50.807000 +CVE-2025-47048,1,1,94a322006f231c8e0114dc69162d8f346c7f828069d36a6a32137e6166f9a237,2025-06-10T23:15:50.950000 +CVE-2025-47049,1,1,b2c9a47c8140851aa7ce279eea791486306fa06e96eb8d6f61f937af805ab012,2025-06-10T23:15:51.107000 CVE-2025-4705,0,0,b78a7bfcff1aa2f402ecf2c8ae725660ce008f2c73ba48cf82d0c9bd4d8ea244,2025-05-28T14:28:48.270000 +CVE-2025-47050,1,1,edcadc5f81dc9b6673eda7f628eefc00ce62ecc63d7e6fe23e443baea03b8496,2025-06-10T23:15:51.257000 +CVE-2025-47051,1,1,cf7c2238063a88eec46059d37769ffc9c68efeffcae0b2f30299484d8e756662,2025-06-10T23:15:51.403000 +CVE-2025-47052,1,1,1af7e05438b5526d280bbedd08550cc60569cbc7654718939af1fc76037b7998,2025-06-10T23:15:51.553000 +CVE-2025-47055,1,1,2c33e531db8fc5fcc07e5f2442c0c6d60cc0fc13072470e7caa859bc0f9d4955,2025-06-10T23:15:51.697000 +CVE-2025-47056,1,1,97ab58d6bd71fcfe66fe37005675b3fe96e3ecb0e3f609537c61a44510ef0994,2025-06-10T23:15:51.840000 +CVE-2025-47057,1,1,beb92ea81953ef61681809fc094bcb2313133e09c2cae8c97158e872697d7c88,2025-06-10T23:15:51.987000 CVE-2025-4706,0,0,37fbcad1dcc67c0d3415bc2d8c8a8c5964ff77a04d14cdc548b905be1e5e0a90,2025-05-28T14:28:36.927000 +CVE-2025-47060,1,1,bdeb9bcf932d84c7d268ab8f4c301851bfb65dab90884fb43e5ffe8c7db00561,2025-06-10T23:15:52.133000 +CVE-2025-47062,1,1,c9955196b3cf2b65b2c3bd1a7a558c7e1e09a7c371a6d38175a8e26f8a575609,2025-06-10T23:15:52.287000 +CVE-2025-47063,1,1,4f1bd60e172befd974078f730876d71c0bd6651b00edd66419e388b2c451ec7b,2025-06-10T23:15:52.453000 +CVE-2025-47065,1,1,d42b3a0acd68f258a8a6d4763fa7e10ea531e31f7e6503b49f43aac32a1bc31f,2025-06-10T23:15:52.610000 +CVE-2025-47066,1,1,19982c351778e302e3113f28cd46b2494ae7b17f9720b34f324b09137271ec28,2025-06-10T23:15:52.760000 +CVE-2025-47067,1,1,f1551c6088cf56b338d01c4e071095e131ec217172729c6d6749d041dc5b8a4e,2025-06-10T23:15:52.907000 +CVE-2025-47068,1,1,bb0df9e5e6f9dba9912dff6b64249608046c374e464f830897b00e02cce4cc6e,2025-06-10T23:15:53.053000 +CVE-2025-47069,1,1,f2aeea6961a04d1bc90048928e36a3e367f2462a2e51d12d3c3b71c0d6fdff96,2025-06-10T23:15:53.210000 CVE-2025-4707,0,0,0c3566823c749ae08f2d7c15092e25f1178548119d9ff3e09e85b02218abe4ac,2025-05-28T14:22:27.307000 +CVE-2025-47070,1,1,7a46beceace794d0c28d1107fe68aa3a746d93ac5d5da133e39697bcb46e4995,2025-06-10T23:15:53.360000 +CVE-2025-47071,1,1,cf2b617f3b5b12695e07f66f3188506bcdfa0d3f28222e66a07d30f933ea13c0,2025-06-10T23:15:53.510000 +CVE-2025-47072,1,1,99eac62127cf44fb1e76f1cd52cb5e89fd625eb59c29c6a6dc1a5c5a7874bba0,2025-06-10T23:15:53.667000 +CVE-2025-47073,1,1,28061196dc27193984baf961fedfddd899db7037806d3d41145d0c133dc4ed4f,2025-06-10T23:15:53.813000 +CVE-2025-47074,1,1,b912e934a0a6430c3a5772c5a4dabd57fe3da57ed8772b9e7fe9a80ebe2e05ad,2025-06-10T23:15:53.960000 +CVE-2025-47075,1,1,ee3979cf426589c3ab418d8e52c93df001f344f1f2e5bf5d600d25154308067f,2025-06-10T23:15:54.103000 +CVE-2025-47076,1,1,953d8847fb0f2a51ff7878a2fe551d85b204e949bfd898dfa7d7a1ed448364f2,2025-06-10T23:15:54.250000 +CVE-2025-47077,1,1,39a9204df4133fe02090547114bd9c400b18c19b05b63d19f0feee8bfa68fd4a,2025-06-10T23:15:54.397000 +CVE-2025-47078,1,1,4b10bf7894bd909fdb13fe0e5b31d356cac47d5a2d968364b8dd06d61046f2a3,2025-06-10T23:15:54.547000 +CVE-2025-47079,1,1,7e0e0ac5d4d644139da9d9fe95580f042222c7631055ff65d85c730b939030e4,2025-06-10T23:15:54.690000 CVE-2025-4708,0,0,372aeaa38af4299e3c176a6f4836099c17e14900d5950df7b63983012e671715,2025-05-28T14:25:42.440000 +CVE-2025-47080,1,1,d52d6c7d03a814b29472d54ebfadcc6306345b8d51009a0ffe9a58682b70a9a1,2025-06-10T23:15:54.830000 +CVE-2025-47081,1,1,252be3c46767631cffa3715a2eae8ce54558df5544af0f9e29de36b813a4bdce,2025-06-10T23:15:54.980000 +CVE-2025-47082,1,1,80938b23d4f74c464a4068d9e9524743d3834c4ae7f8e02eea632f14b5c4efd1,2025-06-10T23:15:55.123000 +CVE-2025-47083,1,1,c94b291f009c4bb92795614547e9eac6cd8123e79a7918bba22bb705064a7d5e,2025-06-10T23:15:55.277000 +CVE-2025-47084,1,1,0ad959a21d8a29df39352550380a61e7ff4f835b0ae20c5b72dc3cc90bc0e98d,2025-06-10T23:15:55.430000 +CVE-2025-47085,1,1,be1bd422b289097c2ceb2f688f7e091f74129994210e536f4a856f2f7d6a85e6,2025-06-10T23:15:55.577000 +CVE-2025-47086,1,1,65ddfcc3b073a22fd9f4a4c4be11b25999a655c917aac5d7ca1c74bc8b21bd3d,2025-06-10T23:15:55.727000 +CVE-2025-47087,1,1,9c3c3d6e407f6ad88e1ffb0ebbac809323d7000b1f0582beaf9a7a6706ae17ef,2025-06-10T23:15:55.873000 +CVE-2025-47088,1,1,17183ac748760c291022df0a54baecf821dadc5ec7709f4d310e5daca2345836,2025-06-10T23:15:56.027000 +CVE-2025-47089,1,1,a1fc4ed50181ce28eb54a6f080bda6707e6704fdfcfc73c7ad8411aa3f8af259,2025-06-10T23:15:56.193000 CVE-2025-4709,0,0,780d1591f8757d666d59ef1d52d884893eef9ffb6a3dd794db8df81c60ae2aa7,2025-05-28T14:25:50.683000 +CVE-2025-47090,1,1,132b53dcc808ba3d44e4c9dac902e2e07847629311719af3506152e78f70d7c0,2025-06-10T23:15:56.350000 +CVE-2025-47091,1,1,1ffb56915904ca700f3d5d894e4846f201f2e5f07bffc45945284093200b0fa6,2025-06-10T23:15:56.500000 +CVE-2025-47092,1,1,8f37ff48e0b89aa730a8a716cf847bef20aaa791464f6dd228fb902b1df5d518,2025-06-10T23:15:56.647000 +CVE-2025-47093,1,1,965856de802e98e6aece0669303b7bdf79e3553174fce10402d6c47125c45429,2025-06-10T23:15:56.793000 +CVE-2025-47094,1,1,5ea8438cf45518fcee06c496cf181c781c34a4a24117e2f18d8f5f0fd4c6fd6b,2025-06-10T23:15:56.947000 +CVE-2025-47095,1,1,aa606ac29a8de553041948ed7145d92d0e972a2aa0ab872dc1a3664da87528f6,2025-06-10T23:15:57.097000 +CVE-2025-47096,1,1,ddd0be668532df6ba922ac65fa6211c38b1b9169362bba2cd2a51bffef17423c,2025-06-10T23:15:57.247000 CVE-2025-4710,0,0,e39d67cb76ce566e1fa070d7e96f2d3191895b08d95f46b970d158a013f006a6,2025-05-28T14:25:57.370000 +CVE-2025-47102,1,1,467f521eeaf17abba9fb70d77c9ddee44d0fc44837bb7d818ecbbc57119d46f1,2025-06-10T23:15:57.423000 CVE-2025-47104,0,0,ad5e27d9d0015d4bac6932b15f5c621d1e70469ea346e224f770fd2fddb4cbc1,2025-06-10T17:23:19.443000 CVE-2025-47105,0,0,06215a4d110f788cce09dd422ebaebbc53eb409aeceabf09df4b92214eddd629,2025-06-10T17:23:20.873000 CVE-2025-47106,0,0,c77417a949f1d028c64f8a97dbbd14475f9cf7a14bcda2f0bc8cfaa82369fb5c,2025-06-10T17:23:22.100000 @@ -295647,6 +295870,11 @@ CVE-2025-4711,0,0,21c8c473cfd0b8fb70049ba4f98b86bc8037c0e94662198ff53f909236b4a0 CVE-2025-47110,0,0,bc094b4579c57ac0b748fd5fe2b39afc172f6e77433289184299d33b0d2e21ca,2025-06-10T16:15:41.210000 CVE-2025-47111,0,0,e83630af857e1a44e18b243583132333eb77c3a5f9419833d4aed5a723e4b9ef,2025-06-10T19:15:33.507000 CVE-2025-47112,0,0,4b745a356740f8bd2800debc089e34965364b4ae2be226d6a4e86286a4e25556,2025-06-10T19:15:33.667000 +CVE-2025-47113,1,1,fb561bb48af68c93d507276f41f6dd2ea10d4d273e59cbc64105f3047a153db2,2025-06-10T23:15:57.583000 +CVE-2025-47114,1,1,35a7f35ce3a8d87ec455b8f4ccb7cd00ee12392f96b5f6f2526a41d6c0ac2647,2025-06-10T23:15:57.730000 +CVE-2025-47115,1,1,96a50ba62a99fc7c94f4fb24884234f7d46e40dd2ce16eab503248c6e1610cde,2025-06-10T23:15:57.877000 +CVE-2025-47116,1,1,17181a423a079c4165a95c8453aa77bd80ac57045a86446d64e360f42e579faa,2025-06-10T23:15:58.023000 +CVE-2025-47117,1,1,396344ef0705996e6d58b656784d377b343a6d072b49a1026dc76ab648ce9eb6,2025-06-10T23:15:58.173000 CVE-2025-4712,0,0,655cc7933dcbfa8299ca016577dc2e95743bc96639079a5634fc2b1e9ba99048,2025-05-27T14:10:29.530000 CVE-2025-4713,0,0,07deb6148a7b9c61da4f7b5f9679e8b0482f4bcf7e19d344fe5ec15e4b57121a,2025-05-27T14:10:47.117000 CVE-2025-4714,0,0,ea07a9f4689461c2a8f9423bf631226225cddda92ad9e10d96306967ff6a2ec2,2025-05-27T14:10:53.560000 @@ -295672,7 +295900,7 @@ CVE-2025-47172,0,0,37b1f918d2d8cd12a46066d1370faef412ec274022a5e7cfd297d45770e98 CVE-2025-47173,0,0,34a60018d8a0cbaea405dcaf7d0df458ec4e220258796ec21e49eeb054e44869,2025-06-10T17:23:53.543000 CVE-2025-47174,0,0,739934298fca1373ca3a9ec768d8cb3075baece01333323786bfc1d274b763d7,2025-06-10T17:23:55.607000 CVE-2025-47175,0,0,774f3b1bcfe86cfe94a341bd6264513635ae5c49df06414d37cdc1aa4ab8dd84,2025-06-10T17:23:57.607000 -CVE-2025-47176,0,1,747fd3b4c7745345c22b957134baade7dcd76b1b7799b23289e88025a6763b3c,2025-06-10T20:15:24.203000 +CVE-2025-47176,0,0,747fd3b4c7745345c22b957134baade7dcd76b1b7799b23289e88025a6763b3c,2025-06-10T20:15:24.203000 CVE-2025-4718,0,0,e197120a33051d36a3bdf1b0305cf7de5c5f5941a30eaf0eb2f8e25b8c33d5d8,2025-05-28T14:26:27.280000 CVE-2025-47181,0,0,aa11c9243cf9f21606fed813a8d7013ca1fc81a1699c797c7e93c8870c1ba872,2025-05-23T15:54:42.643000 CVE-2025-4719,0,0,8f45404e8c5e0b5372b6c6d3c18e425f04bef83b0b8978ee2807105e5fc3ce21,2025-05-28T14:26:35.423000 @@ -296010,6 +296238,7 @@ CVE-2025-4771,0,0,098fa6c5f50ab00bca1e41fbaecb02800df7623ac7bf2fda48146206c10d34 CVE-2025-47710,0,0,efb080a2ca87d31fc53e84646807eb619dd8ffb84063c97064b1c37508c6b60a,2025-06-10T15:24:50.570000 CVE-2025-47711,0,0,84134213c5152e1def5667fee36ba3a5b2be995d24d7708c58e002afb898ec35,2025-06-09T12:15:47.880000 CVE-2025-47712,0,0,36ab066e163c4ffc449059531315de23291a62b1378074f34cd0681da81a794c,2025-06-09T12:15:47.880000 +CVE-2025-47713,1,1,73cdc94bb93d27aed7526d48c29082a31e3da6594c1320cec78e4716519d2504,2025-06-10T23:15:58.320000 CVE-2025-4772,0,0,d0f3fa4362a8236e85b8ffd939fd0423a16232ac9a4ecc1b20eb2790c7640e3f,2025-05-21T20:59:39.237000 CVE-2025-47724,0,0,c392ae279a9c6e1324e9d9c71628ad9f2bd31920b4d617428838fa9f83dc2fa5,2025-06-04T14:54:33.783000 CVE-2025-47725,0,0,889f3515c44952cf57a8d17f0356726e20588e99515827ba927156d41cc6af64,2025-06-04T14:54:33.783000 @@ -296080,6 +296309,7 @@ CVE-2025-4782,0,0,7ad1545eb9e016317ccf1371b442ca29cb62e72aa504ad708f7f2767909134 CVE-2025-47827,0,0,e8e7d1db0126d69a3b1ce4ce3cd4a43b2b63ba3f83e4b78ec9433a4d6806ed2f,2025-06-10T15:15:25.270000 CVE-2025-47828,0,0,164436fe84b8d833a71f3fa8e7f3f39b64e2df889f4579512ca4cd1f99b4e769,2025-05-12T17:32:32.760000 CVE-2025-4783,0,0,bd5695c741cd6c06c07a958617e5fade1eea7d7c38bb9f2f382e0e33491cd176,2025-05-28T15:01:30.720000 +CVE-2025-47849,1,1,d80fcc52b5328cf7208f1ac68e6e8877930ba70982938ef3174ab9db8146f45b,2025-06-10T23:15:58.453000 CVE-2025-4785,0,0,11af03bace6c1c04331c5dddb8e99f128f61109ba1a035e35492e3dbcae57560,2025-05-21T21:00:19.110000 CVE-2025-47850,0,0,6ffc73421957f99914a384dd377153330e8c59407b63d74450ed145d56da1d54,2025-05-21T20:24:58.133000 CVE-2025-47851,0,0,bae42746a3d0b7b8a748ca2f4220c01f83bf85343adefcd6c74910e655b0981c,2025-05-28T21:13:48.670000 @@ -296357,7 +296587,7 @@ CVE-2025-48389,0,0,e0a06862dbd5de9d0e30b39ba95e12152ebb3f987c91aebc43d8b22f341a7 CVE-2025-4839,0,0,026d74f00e92e1df1d876b9f6b1cecb41d0bc701e988325a0cacac560f915dca,2025-06-04T20:11:58.047000 CVE-2025-48390,0,0,e08fc2fcf4792cfdc29a5c8dbd607faa716468223eb98fd8cb285bd470941f51,2025-05-30T16:31:03.107000 CVE-2025-48391,0,0,6ff3d1038c2add63bd7e7b8b38f9227bd17f067c0122feb999c7084ff1a9050a,2025-05-21T20:24:58.133000 -CVE-2025-4840,0,1,3b1c97ddd72e409860695abe86aa48a9d5ee61c6237b3931c5003fa86d580c94,2025-06-10T20:15:24.693000 +CVE-2025-4840,0,0,3b1c97ddd72e409860695abe86aa48a9d5ee61c6237b3931c5003fa86d580c94,2025-06-10T20:15:24.693000 CVE-2025-4841,0,0,9ef74f3a79e56684383036ff7085bf06d0eca4b2dbe84beb51e4af0435bfe603,2025-06-03T15:57:42.837000 CVE-2025-48413,0,0,b3b11f8a7ba8622574fd750e056164f0578951072345d9f4cba4efbb84a42403,2025-05-21T20:24:58.133000 CVE-2025-48414,0,0,e314f6955b624ffe6cbb1b252b69ac45f584829d39abb7e04746fd27a97f3f9b,2025-05-21T20:24:58.133000 @@ -296609,7 +296839,7 @@ CVE-2025-49128,0,0,be74e1e3636b4e3c68c2e5f707126adefa5b42c030884a0a961eb0fa96655 CVE-2025-4913,0,0,53b3af32223266d4fefa6288fa7668d3e6278e5d2f6f83bce997bdbd90d149c2,2025-05-19T17:37:22.390000 CVE-2025-49130,0,0,101994697265c4124b21893e7018192e4caf4f2ec31625a5dfcbe146cdb28e2a,2025-06-09T13:15:23.977000 CVE-2025-49131,0,0,cb5b50180e5eaa5b85e2d41a2bea84c06691db09851c0931186c9857c00a2951,2025-06-09T13:15:24.120000 -CVE-2025-49133,1,1,6dc99b4aaaec6406a38af880ef32fc2b0a0c99f5f31786d903de7ea67d6805fc,2025-06-10T20:15:24.337000 +CVE-2025-49133,0,0,6dc99b4aaaec6406a38af880ef32fc2b0a0c99f5f31786d903de7ea67d6805fc,2025-06-10T20:15:24.337000 CVE-2025-49136,0,0,f17c65c3fffc31c312f66268030c86b49b3a7486baa9ae080bc38b145e145f89,2025-06-10T14:15:30.510000 CVE-2025-49137,0,0,4ab0141317e92d7cc36a79e8d8b73bb39053a0d4d0cd444a2cb1522c3d9d7b0b,2025-06-10T16:15:41.880000 CVE-2025-49138,0,0,cf1ec877b517e9c0d5bc9ca79299af68ec9d1ed097304a7b91ea5fe7bfadcf7c,2025-06-10T16:15:41.983000 @@ -297437,10 +297667,12 @@ CVE-2025-5970,0,0,d7c94f11149aa2d1fa422037b5710258375a5e88a21be20512abe255cca0c0 CVE-2025-5971,0,0,a585731e3dcf519d6d97e5105421f7765406419a5d86aa36be35cba576add91e,2025-06-10T19:15:35.400000 CVE-2025-5972,0,0,7d178a84b419e58797ce23ea5013f3c0aa6df08095e8230fe08008da316229a5,2025-06-10T19:15:35.537000 CVE-2025-5973,0,0,f1c8ea086ca8937b6526c221e3ad36638865ad0af1f1cd81b5da818f15eee7e1,2025-06-10T19:15:35.727000 -CVE-2025-5974,1,1,339321be4c5ac9108cce5e98767fc5970ae083450218fa354fd8033f05a2527f,2025-06-10T20:15:24.923000 -CVE-2025-5975,1,1,9008eeb9527e9693001a3be4b45aa5cf8a88c8a44caffd0e0b12ea03a78b8ee2,2025-06-10T20:15:25.117000 -CVE-2025-5976,1,1,6867fdd2eea80fafea5defe2bbd68074fcd28406e4e3c12b1e1b2d17570ffa73,2025-06-10T20:15:25.297000 -CVE-2025-5977,1,1,f304c9ff5770b6781d3f20efc156d80096139af8a0274e3045f16c5bb9d0173f,2025-06-10T20:15:25.480000 -CVE-2025-5978,1,1,4e4d69a73c249e0a4a5dd907dae67dfe13fdf168bd6154e3a3a2e85793f26d9e,2025-06-10T21:15:22.793000 -CVE-2025-5979,1,1,d27c61690a89a70834e1ac7ec79b55e9c00b548ee2fa9335cb0305161ad45244,2025-06-10T21:15:22.970000 -CVE-2025-5980,1,1,e040dd481b18254b8331cc7db878c5d64b7a6be5a4fa7521d9ea11a576b92997,2025-06-10T21:15:23.150000 +CVE-2025-5974,0,0,339321be4c5ac9108cce5e98767fc5970ae083450218fa354fd8033f05a2527f,2025-06-10T20:15:24.923000 +CVE-2025-5975,0,0,9008eeb9527e9693001a3be4b45aa5cf8a88c8a44caffd0e0b12ea03a78b8ee2,2025-06-10T20:15:25.117000 +CVE-2025-5976,0,0,6867fdd2eea80fafea5defe2bbd68074fcd28406e4e3c12b1e1b2d17570ffa73,2025-06-10T20:15:25.297000 +CVE-2025-5977,0,0,f304c9ff5770b6781d3f20efc156d80096139af8a0274e3045f16c5bb9d0173f,2025-06-10T20:15:25.480000 +CVE-2025-5978,0,0,4e4d69a73c249e0a4a5dd907dae67dfe13fdf168bd6154e3a3a2e85793f26d9e,2025-06-10T21:15:22.793000 +CVE-2025-5979,0,0,d27c61690a89a70834e1ac7ec79b55e9c00b548ee2fa9335cb0305161ad45244,2025-06-10T21:15:22.970000 +CVE-2025-5980,0,0,e040dd481b18254b8331cc7db878c5d64b7a6be5a4fa7521d9ea11a576b92997,2025-06-10T21:15:23.150000 +CVE-2025-5984,1,1,23b7a2e2427c55d6b8b71bdfb3210e81fbbb4de6329b5126e67b10ed13442fce,2025-06-10T23:15:58.583000 +CVE-2025-5985,1,1,6446d10df39548f8cc9543e4c4495bd4e0a246e2b8805b29cf25763ee00bb5ed,2025-06-10T23:15:58.770000