Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote malicious users to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe coldfusion 7.0 |
||
adobe coldfusion 7.0.1 |