Vulnerabilities > CVE-2005-1555 - Cross-Site Scripting vulnerability in Macromedia Coldfusion 7.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

macromedia

NVD

Published: 2005-05-10

Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.

Vulnerable Configurations

Part	Description	Count
Application	Macromedia Macromedia Coldfusion 7.0	1

References

http://marc.info/?l=bugtraq&m=111575500403231&w=2
http://www.macromedia.com/devnet/security/security_zone/mpsb05-03.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/20550