Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2023-11-17T13:31:31.903Z
Updated: 2024-08-02T20:07:33.117Z
Reserved: 2023-09-28T16:25:40.451Z
Link: CVE-2023-44352
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-11-17T14:15:21.693
Modified: 2023-11-23T03:36:27.907
Link: CVE-2023-44352
Redhat
No data.