VYPR
Unrated severityNVD Advisory· Published Nov 18, 2015· Updated Jun 17, 2026

CVE-2015-5255

CVE-2015-5255

Description

Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.