Vulnerabilities fixed in Adobe ColdFusion

Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 2023.12, 2021.18, 2025.0 and earlier. The vulnerabilities are in the way ColdFusion handles input validation, authentication, access and deserialization of untrusted data. Malicious parties can exploit these vulnerabilities t...

CVE-2025-30292

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

Adobe ColdFusion 跨站脚本漏洞

Adobe ColdFusion is a set of rapid application development platform from the American company Audobee Adobe. The platform includes an integrated development environment and a scripting language. A cross-site scripting vulnerability exists in Adobe ColdFusion versions 2023.12, 2021.18, 2025.0 and...

PT-2025-15656 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier Description: The issue is related to an Improper Authentication vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverag...

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a suite of rapid application development platforms from the American company Audobee Adobe. The platform includes an integrated development environment and a scripting language. An input validation error vulnerability exists in Adobe ColdFusion versions 2023.12, 2021.18, 2025....