CVE-2025-47110 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.1 CRITICAL	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
adobe	CNA	9.1 CRITICAL	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Vulnerability Media Exposure

[ENGLISH] Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps
Adobe on Tuesday pushed security updates to address a total of 254 security flaws impacting its software products, a majority of which affect Experience Manager (AEM). Of the 254 flaws, 225 reside in AEM, impacting AEM Cloud Service (CS) as well as all versions prior to and including 6.5.22. The issues have been resolved in AEM Cloud Service Release 2025.5 and version 6.5.23. "Successful
Published: 2025-06-10T23:59:00+05:30
[GERMAN] Patchday: Schadcode-Lücken in Adobe Acrobat, InDesign & Co. geschlossen
Adobes Entwickler haben mit Sicherheitsupdates mehrere Schwachstellen in verschiedenen Produkten geschlossen.
Published: 2025-06-11T07:53:00+00:00
[GERMAN] Adobe Magento: Mehrere Schwachstellen
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Adobe Magento ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen oder seine Privilegien zu erweitern.
Published: 2025-06-10T22:00:00+00:00

References

https://helpx.adobe.com/security/products/magento/apsb25-50.html