← back
CVE-2006-5859

CVE-2006-5859

EPSS 3.0%
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote attackers to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/32121http://secunia.com/advisories/24115http://www.adobe.com/support/security/bulletins/apsb07-03.htmlhttp://www.securityfocus.com/bid/22544http://www.securitytracker.com/id?1017644http://www.vupen.com/english/advisories/2007/0592