Exposição de Adobe Experience Manager

CMS

219

score de exposição

18.203

sites usam

1

em exploração

4

críticos

Análise Vexday

Com 1.022 CVEs catalogadas, o Adobe Experience Manager acumula um histórico de vulnerabilidades considerável, ainda que sua taxa de exploração ativa esteja abaixo da média geral do catálogo CISA KEV. A falha mais comum é CWE-79 (Cross-Site Scripting), o que indica exposição persistente a vetores de injeção de script no lado do cliente — um padrão relevante em plataformas de gerenciamento de conteúdo com amplas superfícies de entrada. Atenção especial deve ser dada ao CVE-2025-54253, atualmente a vulnerabilidade mais crítica em exploração ativa, com índice EPSS de aproximadamente 0,90, sinalizando altíssima probabilidade de exploração real e exigindo priorização imediata de mitigação. O volume de 61 CVEs surgidas nos últimos 90 dias reforça que a superfície de ataque da plataforma segue em expansão ativa, demandando monitoramento contínuo e ciclos de patching ágeis.

CVEs

1.022 resultados

CVE-2025-46905MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-46922MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2024-36238MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-48271MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-48258MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-47946MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-47947MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-48266MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-48265MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2026-48280MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2025-47096LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2025-46913MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2024-34128MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-46844MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-47049MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2025-46949MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-47061MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-46845MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-46838MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2025-46996MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%

← anteriorpágina 35 / 52próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →