• ColdFusion Administrator Login Page is publicly available to any IP address. A good security practice is to limit access to this page to localhost or a list of fixed IP addresses.

• Limit access to the ColdFusion Administrator Login Page to localhost or a list of fixed IP addresses.

• • Is your ColdFusion Administrator Actually Public

• 

• CWE-16

• Configuration Insecure Admin Access

• Atlassian Jira DOM-based cross-site scripting vulnerability
• Your SSL certificate is about to expire
• WebDAV remote code execution
• IMAP weak password
• Padding oracle attack