VDB

GCVE-VVD-NCSC-2025-241

GCVE-VVD-NCSC-2025-241
Advisory PublishedCVSS 10.0/10
Vulnetix · Advisory published August 6, 2025
Adobe Experience Manager versions 6.5.23 and earlier, along with Adobe Experience Manager Forms in JEE, have vulnerabilities allowing arbitrary code execution due to misconfigurations and unspecified issues.
Download JSON Open in Console

Weaknesses (CWE)

CWE-863Incorrect AuthorizationCWE-611Improper Restriction of XML External Entity Reference

Risk Scores

CVSS 3.1
10.0/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
Adobevers:unknown/*

Aliases

CVE-2025-54253CVE-2025-54254

Transitive aliases

BDU:2025-09420VVD-CESS-2025-54253CNVD-2025-21173GHSA-6hv6-fgh2-5mjvWID-SEC-W-2025-1720NCSC-2025-0241BDU:2025-09480VVD-CESS-2025-54254CNVD-2025-21172EUVD-2025-23638GHSA-7mcc-8f7p-x6v7

References

advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›