CVE-2006-6483

Name of the Vulnerable Software and Affected Versions Adobe ColdFusion MX versions prior to 7.0.2

Description The issue arises from improper filtering of HTML tags, allowing remote attackers to inject arbitrary web script or HTML. This can be achieved by including a NULL byte (%00) in certain HTML tags. For example, using "%00script" in a tag can demonstrate this exploit.

Recommendations For Adobe ColdFusion MX versions prior to 7.0.2, update to version 7.0.2 or later to resolve the issue.