- Home
- CVEs with nessus.description==The version of Adobe ColdFusion running on the remote Windows host is affected by multiple vulnerabilities :
- Multiple cross-site scripting (XSS) vulnerabilities exist due to a failure to validate input before returning it to the user. A remote attacker can exploit these to inject arbitrary script or HTML into the user's browser session. (CVE-2015-8052, CVE-2015-8053)
- A flaw exists in BlazeDS related to request handling between a user and a server. A remote attacker can exploit this, via a crafted XML document, to send HTTP traffic to intranet servers, thus allowing the attacker to carry out a server-side request forgery attacks.
(CVE-2015-5255)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top