Unrated severityNVD Advisory· Published Aug 5, 2005· Updated Jun 16, 2026
CVE-2005-2480
CVE-2005-2480
Description
Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:macromedia:coldfusion_fusebox:4.1.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/14460nvdExploit
- secunia.com/advisories/16320nvdVendor Advisory
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/21697nvd
News mentions
0No linked articles in our index yet.