CNNVD-202507-1183 Information
CNNVD ID
CNNVD-202507-1183
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Adobe ColdFusion是美国奥多比(Adobe)公司的一套快速应用程序开发平台。该平台包括集成开发环境和脚本语言。 Adobe ColdFusion 2025.2及之前版本、2023.14及之前版本和2021.20及之前版本存在跨站脚本漏洞,该漏洞源于反射型跨站脚本,可能导致恶意脚本执行。
Description (English)
Adobe ColdFusion is a fast-track application development platform for Adobe in the United States. The platform includes an integrated development environment and script language. Adobe ColdFusion 2025.2 and earlier, 2023.14 and earlier and 2021.20 and earlier there is a cross-site script loophole, which originates in reflective cross-site scripts and may lead to malicious script execution.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
奥多比
Published
2025-07-08
Last Modified
2026-02-24
References
https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html https://nvd.nist.gov/vuln/detail/CVE-2025-49542
Patch
https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html
Share on: