Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

BlueDragon <= 6.2.1.286 Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running BlueDragon, a ColdFusion Markup Language server. This version of BlueDragon is vulnerable to a Cross-Site Scripting (XSS) flaw where attackers can inject malicious scripting code that will run within the browser of BlueDragon clients. A second flaw would allow the attacker the ability to crash the application remotely, thereby denying services to legitimate users.

Solution

Upgrade or patch according to vendor recommendations.