Unrated severityNVD Advisory· Published Feb 14, 2007· Updated Jun 16, 2026
CVE-2006-5860
CVE-2006-5860
Description
Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Affected products
7cpe:2.3:a:adobe:coldfusion:6.1:*:enterprise_server:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:coldfusion:6.1:*:enterprise_server:*:*:*:*:*
- cpe:2.3:a:adobe:coldfusion:7.0:*:enterprise_multi-server:*:*:*:*:*
cpe:2.3:a:adobe:jrun:4.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:adobe:jrun:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:jrun:4.0_build_61650:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:jrun:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:adobe:jrun:4.0:sp1a:*:*:*:*:*:*
- (no CPE)range: =4.0
Patches
Vulnerability mechanics
References
8- www.adobe.com/support/security/bulletins/apsb07-05.htmlnvdPatch
- www.securityfocus.com/bid/22547nvdPatch
- osvdb.org/32122nvd
- secunia.com/advisories/24093nvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/0594nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/32475nvd
News mentions
0No linked articles in our index yet.