Exposure of Adobe Experience Manager

CMS

219

exposure score

18,203

sites use

1

exploited

4

critical

CVEs

1,022 results

CVE-2025-54253CRITICALAdobe Experience Manager | Incorrect Authorization (CWE-863)EPSS 89.8%KEV CVE-2025-54254HIGHAdobe Experience Manager | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)EPSS 85.5%CVE-2019-8086—Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could leEPSS 24.3%CVE-2019-16469—Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitatEPSS 17.2%CVE-2019-7964—Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote codEPSS 10.2%CVE-2019-8088—Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrEPSS 5.8%CVE-2025-54248HIGHAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 5.2%CVE-2025-54252MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 4.6%CVE-2018-5005—Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a Cross-site Scripting vulnerability. Successful exploitation could lead EPSS 3.9%CVE-2019-8087—Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could leEPSS 3.6%CVE-2019-8081—Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sEPSS 3.3%CVE-2020-9645—Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Successful exploitation couEPSS 3.3%CVE-2020-9643—Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could leaEPSS 3.3%CVE-2019-8082—Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead toEPSS 3.2%CVE-2020-3769—Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could leaEPSS 2.9%CVE-2019-7953—Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to SensiEPSS 2.8%CVE-2019-16468—Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation cEPSS 2.6%CVE-2020-3741—Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Successful exploitation could lead tEPSS 2.6%CVE-2020-9647—Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (dom-based) vulnerability. Successful exploitation could lead EPSS 2.4%CVE-2020-9648—Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitraryEPSS 2.4%

← previouspage 1 / 52next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →