![]() ![]() An attacker could abuse this vulnerability to execute arbitrary JavaScript code in context of the current user. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.Īdobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.25 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |