• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Macromedia ColdFusion MX 7 Default Error Page Cross-Site Scripting Vulnerability

Macromedia ColdFusion MX 7 is prone to a cross-site scripting vulnerability when utilizing the JRun Web Server. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in dynamically generated content.

Macromedia JRun Web Server comes packaged with ColdFusion MX 7, users of that application are advised to upgrade their ColdFusion MX 7 installation.