Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote attackers to inject arbitrary HTML or web script via the User-Agent HTTP header, which is not sanitized before being displayed in an error page.
CPE | Name | Operator | Version |
---|---|---|---|
coldfusion | eq | 7.0.2 | |
coldfusion | eq | 6.1 | |
coldfusion | eq | 7.0.1 |