Lucene search

K
AdobeColdfusion2023

55 matches found

CVE
CVE
added 2025/07/08 9:15 p.m.8 views

CVE-2025-49539

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a security feature bypass. A high-privileged attacker could leverage this vulnerability to access sensitive information. Explo...

4.5CVSS6.3AI score0.00065EPSS
CVE
CVE
added 2025/07/08 9:15 p.m.8 views

CVE-2025-49540

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

4.3CVSS5.1AI score0.00034EPSS
CVE
CVE
added 2025/07/08 9:15 p.m.8 views

CVE-2025-49541

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

4.3CVSS5.1AI score0.00034EPSS
CVE
CVE
added 2025/07/08 9:15 p.m.8 views

CVE-2025-49542

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of...

5.2CVSS5.6AI score0.00071EPSS
CVE
CVE
added 2025/08/18 5:15 p.m.4 views

CVE-2025-54234

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to limited file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Expl...

2.7CVSS7.2AI score0.00044EPSS
Total number of security vulnerabilities55