Adobe ColdFusion Unspecified XSS (APSB15-07) (credentialed check)
Medium Nessus Plugin ID 82780
SynopsisA web-based application running on the remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe version of Adobe ColdFusion running on the remote Windows host is affected by an unspecified reflected cross-site scripting (XSS) vulnerability due to a failure to properly sanitize user-supplied input. A remote attacker, using a crafted request, can exploit this to execute arbitrary script code in the user's browser session.
SolutionApply the relevant hotfixes referenced in Adobe advisory APSB15-07.