Adobe have released updated version of ColdFusion web application development platform. This hotfix addresses a reflected cross site scripting vulnerability (CVE-2013-5326) that could be exploited by a remote, authenticated user on ColdFusion 10 and earlier when the CFIDE directory is exposed. This hotfix also addresses a vulnerability (CVE-2013-5328) in ColdFusion 10 that could permit unauthorized remote read access.
Affected versions:
- ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux
More information can be read from Adobe's security bulletin.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment