CNNVD-202507-1182 Information

CNNVD ID

CNNVD-202507-1182

Related CVE

CVE-2025-49541

• CNNVD Published: 2025-07-08

Description (Chinese)

Adobe ColdFusion是美国奥多比（Adobe）公司的一套快速应用程序开发平台。该平台包括集成开发环境和脚本语言。 Adobe ColdFusion 2025.2及之前版本、2023.14及之前版本和2021.20及之前版本存在跨站脚本漏洞，该漏洞源于存储型跨站脚本，可能导致恶意脚本执行。

Description (English)

Adobe ColdFusion is a fast-track application development platform for Adobe in the United States. The platform includes an integrated development environment and script language. Adobe ColdFusion 2025.2 and earlier, 2023.14 and earlier and 2021.20 and earlier have a cross-site script loophole, which originates from a storage-type cross-site script and may lead to malicious script execution.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

奥多比

Published

2025-07-08

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html

Patch

https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html