Vulnerabilities > Adobe > Coldfusion > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-44352 Unspecified vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
6.1
2022-05-12 CVE-2022-28818 Unspecified vulnerability in Adobe Coldfusion
ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
6.1
2021-04-15 CVE-2021-21087 Unspecified vulnerability in Adobe Coldfusion 2016/2018/2021.0.0.323925
Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability.
network
low complexity
adobe
5.4
2020-06-26 CVE-2020-3796 Unspecified vulnerability in Adobe Coldfusion 2016/2018
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability.
network
low complexity
adobe
6.5
2020-06-26 CVE-2020-3767 Improper Input Validation vulnerability in Adobe Coldfusion 2016/2018
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insufficient input validation vulnerability.
network
low complexity
adobe CWE-20
6.5
2019-05-24 CVE-2019-7092 Cross-site Scripting vulnerability in Adobe Coldfusion 11.0/2016/2018
ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
2018-09-25 CVE-2018-15963 Unspecified vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability.
network
low complexity
adobe
5.3
2018-09-25 CVE-2018-15962 Information Exposure vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability.
network
low complexity
adobe CWE-200
5.3
2018-05-19 CVE-2018-4941 Cross-site Scripting vulnerability in Adobe Coldfusion 11.0/2016
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
2018-05-19 CVE-2018-4940 Cross-site Scripting vulnerability in Adobe Coldfusion 11.0/2016
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability.
network
low complexity
adobe CWE-79
6.1