Intrusion Prevention



This indicates an attack attempt against a cross-site scripting (XSS) vulnerability in Adobe ColdFusion Server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL. It allows a remote attacker to inject arbitrary web script or HTML.

Affected Products

ColdFusion 8.0.1 and earlier versions


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site: