Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2005-08-05T04:00:00
Updated: 2024-08-07T22:30:00.686Z
Reserved: 2005-08-05T00:00:00
Link: CVE-2005-2480

No data.

Status : Modified
Published: 2005-08-05T04:00:00.000
Modified: 2024-11-20T23:59:39.320
Link: CVE-2005-2480

No data.