A vulnerability was found in Adobe Experience Manager up to FP11.7 . It has been classified as problematic . Affected is an unknown function. This manipulation of the argument form causes cross site scripting. This vulnerability is registered as CVE-2026-27288 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.