PT-2014-3678 · Adobe+1 · Coldfusion 10+5

Published

2014-10-15

Updated

2020-09-04

CVE-2014-0571

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Adobe ColdFusion 9.0 before Update 13 Adobe ColdFusion 9.0.1 before Update 12 Adobe ColdFusion 9.0.2 before Update 7 Adobe ColdFusion 10 before Update 14 Adobe ColdFusion 11 before Update 2

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For Adobe ColdFusion 9.0, apply Update 13 to resolve the issue. For Adobe ColdFusion 9.0.1, apply Update 12 to resolve the issue. For Adobe ColdFusion 9.0.2, apply Update 7 to resolve the issue. For Adobe ColdFusion 10, apply Update 14 to resolve the issue. For Adobe ColdFusion 11, apply Update 2 to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2014-2269

CVE-2014-0571

Affected Products

Alt Linux

Coldfusion 10

Coldfusion 11

Coldfusion 9.0

Coldfusion 9.0.1

Coldfusion 9.0.2

PT-2014-3678 · Adobe+1 · Coldfusion 10+5

CVE-2014-0571

Weakness Enumeration

Related Identifiers

Affected Products

References · 9