CVE-2026-34691EPSS p14.6%

CVE-2026-34691CVE-2026-34691

adobe / experience_manager

Description

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field, potentially gaining elevated access or control over the victim's account or session. Scope is changed.

Scoring

CVSS 9.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
EPSS0.24% probability of exploitation · percentile 14.6% · 2026-06-18T12:00:27Z
Last modified2026-06-11

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-34694
CVE
CVE-2026-34693
CVE
CVE-2026-48297
CVE
CVE-2026-48299
CVE
CVE-2026-48301
CVE
CVE-2026-34692
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.