VDB

CVE-2026-47991

CVE-2026-47991 PUBLISHED CVSS 4.3 MEDIUM

Reported by adobe · Published June 9, 2026

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect (Open Redirect) vulnerability that could lead to account takeover. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site. Exploitation of this issue requires user interaction in that a victim must click on a malicious link.

Risk Scores

CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersions
AdobeAdobe Experience Manager0
AdobeAdobe Experience Manager0

Timeline

  • Jun 9, 2026 CVE Published
  • Jun 9, 2026 CVE Updated
  • Jun 10, 2026 Coalition ESS Score
  • Jun 12, 2026 Security Advisory

References

  • vendor-advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›