PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paperthin commonspot content server |
||
paperthin commonspot content server 8.0.2 |
||
paperthin commonspot content server 8.0.1 |
||
paperthin commonspot content server 8.0.0 |