VYPR
Unrated severityNVD Advisory· Published May 12, 2022· Updated Sep 16, 2024

ColdFusion Reflected Cross-Site Scripting could lead to Arbitrary Code Execution

CVE-2022-28818

Description

ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.