Unrated severityNVD Advisory· Published Nov 17, 2023· Updated Oct 11, 2024
ColdFusion | Improper Input Validation (CWE-20)
CVE-2023-44355
Description
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor integrity feature. Exploitation of this issue does require user interaction.
Affected products
2>=2021 <2021.11 || >=2023 <2023.5+ 1 more
- (no CPE)range: >=2021 <2021.11 || >=2023 <2023.5
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/coldfusion/apsb23-52.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.