Adobe · Coldfusion · CVE-2005-1022
**Name of the Vulnerable Software and Affected Versions**
ColdFusion version 6.1
**Description**
The issue allows remote attackers to obtain sensitive information because Java .class files are placed under the web root in the /WEB-INF/cfclasses directory.
**Recommendations**
For ColdFusion version 6.1, consider restricting access to the /WEB-INF/cfclasses directory to minimize the risk of exploitation.