VDB
CVE-2026-47991
CVE-2026-47991
PUBLISHED
CVSS 4.3 MEDIUM
Reported by adobe · Published June 9, 2026
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect (Open Redirect) vulnerability that could lead to account takeover. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site. Exploitation of this issue requires user interaction in that a victim must click on a malicious link.
Risk Scores
CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Adobe Experience Manager | 0 |
| Adobe | Adobe Experience Manager | 0 |
Timeline
- Jun 9, 2026 CVE Published
- Jun 9, 2026 CVE Updated
- Jun 10, 2026 Coalition ESS Score
- Jun 12, 2026 Security Advisory