Lucene search
HistoryApr 15, 2015 - 10:59 a.m.
CVE-2015-0345
cve
2015
0345
cross-site scripting
xss
vulnerability
adobe
coldfusion
update
remote attackers
web script
html
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.021 Low
EPSS
Percentile
89.2%
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Update 5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
adobecoldfusionRange≤10.0update15
ORadobecoldfusionRange≤11.0update4
| CPE | Name | Operator | Version |
|---|---|---|---|
| adobe:coldfusion | adobe coldfusion | le | 10.0 |
| adobe:coldfusion | adobe coldfusion | le | 11.0 |
Related
nessus
nessus
Adobe ColdFusion Unspecified XSS (APSB15-07) (credentialed check)
2015-04-14 00:00:00
nvd
nvd
CVE-2015-0345
2015-04-15 10:59:00
cvelist
cvelist
CVE-2015-0345
2015-04-15 10:00:00
prion
prion
Cross site scripting
2015-04-15 10:59:00
threatpost
threatpost
April 2015 Microsoft Patch Tuesday Security Bulletins
2015-04-14 14:49:25
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.021 Low
EPSS
Percentile
89.2%
Related for CVE-2015-0345