Vulnerability Details CVE-2026-34694
Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.1%
CVSS Severity
CVSS v3 Score 5.9