Total
42100 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-27247 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27244 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27242 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27241 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27240 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27239 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27237 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27236 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27235 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27234 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27223 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27224 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27225 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27226 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-29176 | 1 Craftcms | 1 Craft Commerce | 2026-03-11 | N/A | 4.8 MEDIUM |
| Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, A stored XSS vulnerability exists in the Commerce Settings - Inventory Locations page. The Name field is rendered without proper HTML escaping, allowing an attacker to execute arbitrary JavaScript. This XSS triggers when an administrator (or user with product editing permissions) creates or edits a variant product. This vulnerability is fixed in 5.5.3. | |||||
| CVE-2026-29177 | 1 Craftcms | 1 Craft Commerce | 2026-03-11 | N/A | 5.4 MEDIUM |
| Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.10.2 and 5.5.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Craft Commerce Order details. Malicious JavaScript can be injected via the Shipping Method Name, Order Reference, or Site Name. When a user opens the order details slideout via a double-click on the order index page, the injected payload executes. This vulnerability is fixed in 4.10.2 and 5.5.3. | |||||
| CVE-2026-27228 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27229 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27230 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2026-27231 | 1 Adobe | 1 Experience Manager | 2026-03-11 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||