CVE-2026-48259
CRITICAL
NVD
CVSS Score
9.6
Severity
CRITICAL
Published
Jul 14, 2026
Vendor
unknown
Description
Adobe Experience Manager is affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could leverage this vulnerability to issue unauthorized server-side requests, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue does not require user interaction. Scope is changed.