vulnerability
APSB22-22: Security updates available for Adobe ColdFusion | APSB22-22 (CVE-2022-28818)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | 2022-05-12 | 2022-10-26 | 2022-10-26 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
2022-05-12
Added
2022-10-26
Modified
2022-10-26
Description
ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Solution(s)
adobe-coldfusion-2018-release-update-14adobe-coldfusion-2021-release-update-4
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.