This host is running Adobe ColdFusion and is prone to multiple vulnerabilities

Successful exploitation will allow attackers to conduct cross-site scripting attacks and bypass certain security restrictions. Impact Level: Application

Upgrade to Adobe ColdFusion 10 Update 12 or later, https://www.adobe.com/cfusion/tdrc/index.cfm?product=coldfusion

Multiple flaws are due to, - Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. - An unspecified error can be exploited to gain unauthorised read access. No further information is currently available.

Adobe ColdFusion 10 before Update 12

Get the installed version of Adobe ColdFusion with the help of detect NVT and check the version is vulnerable or not.

• http://www.adobe.com/support/security/bulletins/apsb13-27.html
• http://www.kb.cert.org/vuls/id/295276
• http://xforce.iss.net/xforce/xfdb/88739

---

Updated on 2015-03-25