Vulnerability Details CVE-2026-47991
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect (Open Redirect) vulnerability that could lead to account takeover. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site. Exploitation of this issue requires user interaction in that a victim must click on a malicious link.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 4.3