Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote malicious users to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
adobe coldfusion 7.0 |
||
adobe coldfusion 7.0.1 |
Vulmon