Zuxncwaruio

**Name of the Vulnerable Software and Affected Versions** Macromedia ColdFusion versions 5 and earlier **Description** A cross-site scripting (XSS) issue exists in the validation feature, allowing remote attackers to inject arbitrary web script or HTML via a ` required` field. This occurs when the associated normal field is missing or empty and the input is not properly sanitized before being presented in an error message. **Recommendations** For Macromedia ColdFusion versions 5 and earlier, consider disabling the validation feature temporarily until a proper fix is available, or ensure that all input fields are properly sanitized to prevent arbitrary script injection.