Unrated severityNVD Advisory· Published May 12, 2022· Updated Sep 16, 2024
ColdFusion Reflected Cross-Site Scripting could lead to Arbitrary Code Execution
CVE-2022-28818
Description
ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Affected products
1- Range: unspecified
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/coldfusion/apsb22-22.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.