Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote malicious users to inject arbitrary HTML or web script via the User-Agent HTTP header, which is not sanitized before being displayed in an error page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe coldfusion 7.0.1 |
||
adobe coldfusion 7.0.2 |
||
adobe coldfusion 6.1 |