CVE-2006-4726Cross-site Scripting in Adobe Coldfusion

3 documents3 sources
Severity
2.6LOWNVD
EPSS
2.1%
top 15.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Coldfusion
Timeline
PublishedSep 14
Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

NVDadobe/coldfusion6.1, 7.0, 7.0.1+2

Patches

Patch: secunia.comPatch: www.adobe.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-fgxq-rr9x-qcr5: Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 62022-05-01
CVEList
CVE-2006-4726: Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 62006-09-14
CVE-2006-4726 — Cross-site Scripting in Adobe | cvebase