CVE-2025-47010 is a stored Cross-Site Scripting (XSS) vulnerability affecting Adobe Experience Manager (AEM) versions 6.5.22 and earlier. This vulnerability allows a low-privileged attacker to inject malicious JavaScript code into vulnerable form fields within the AEM platform. When a victim subsequently visits the affected page containing the injected script, the malicious code executes in their browser context. The vulnerability is classified under CWE-79, indicating improper neutralization of input during web page generation. The CVSS v3.1 base score is 5.4 (medium severity), with the vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, meaning the attack can be performed remotely over the network with low attack complexity, requires low privileges, and user interaction (visiting the page) is needed. The vulnerability impacts confidentiality and integrity by potentially allowing theft of session tokens, user credentials, or unauthorized actions performed on behalf of the user. Availability is not affected. The vulnerability scope is changed (S:C), indicating that the attack can affect resources beyond the vulnerable component. No known exploits are reported in the wild yet, and no patches or mitigation links are currently provided. Adobe Experience Manager is a widely used enterprise content management system, often deployed by large organizations for managing websites and digital assets, making this vulnerability significant in environments where AEM is used.

For European organizations, this vulnerability poses a risk primarily to confidentiality and integrity of user sessions and data. Since AEM is commonly used by enterprises, government agencies, and large institutions across Europe to manage web content and digital experiences, exploitation could lead to unauthorized access to sensitive information, session hijacking, or defacement of web content. This could damage organizational reputation, lead to data breaches involving personal or confidential data protected under GDPR, and disrupt business operations reliant on web services. The requirement for low privileges to exploit means insider threats or compromised low-level accounts could be leveraged. The need for user interaction (visiting a maliciously crafted page) means phishing or social engineering could be used to trigger the attack. Given the widespread use of AEM in sectors like finance, public administration, and media in Europe, the impact could be significant if exploited at scale.

European organizations using Adobe Experience Manager should immediately review their AEM deployments for the affected versions (6.5.22 and earlier). Although no official patches are currently listed, organizations should monitor Adobe security advisories closely for forthcoming updates. In the interim, implement strict input validation and output encoding on all form fields to prevent script injection. Employ Content Security Policy (CSP) headers to restrict execution of unauthorized scripts in browsers. Limit user privileges to the minimum necessary to reduce risk of low-privilege exploitation. Conduct security awareness training to reduce the risk of phishing attacks that could trigger the vulnerability. Additionally, implement web application firewalls (WAFs) with rules to detect and block common XSS payloads targeting AEM. Regularly audit and monitor logs for suspicious activity indicative of attempted exploitation. Finally, plan for rapid patch deployment once Adobe releases an official fix.