Unrated severityNVD Advisory· Published Feb 14, 2007· Updated Apr 23, 2026
CVE-2006-5860
CVE-2006-5860
Description
Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Affected products
6cpe:2.3:a:adobe:coldfusion:6.1:*:enterprise_server:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:coldfusion:6.1:*:enterprise_server:*:*:*:*:*
- cpe:2.3:a:adobe:coldfusion:7.0:*:enterprise_multi-server:*:*:*:*:*
cpe:2.3:a:adobe:jrun:4.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:adobe:jrun:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:jrun:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:adobe:jrun:4.0:sp1a:*:*:*:*:*:*
- cpe:2.3:a:adobe:jrun:4.0_build_61650:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.adobe.com/support/security/bulletins/apsb07-05.htmlnvdPatch
- www.securityfocus.com/bid/22547nvdPatch
- osvdb.org/32122nvd
- secunia.com/advisories/24093nvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/0594nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/32475nvd
News mentions
0No linked articles in our index yet.