Macromedia ColdFusion MX 7 Default Error Page Cross-Site Scripting Vulnerability

Macromedia ColdFusion MX 7 Default Error Page Cross-Site Scripting Vulnerability

Solution:
The vendor has released an advisory (MPSB05-03) addressing this issue. Please see the referenced advisory for details on obtaining and installing the appropriate updates.

The vendor recommends using an alternate Web server for the ColdFusion MX 7 installation, defining a different default error page, or downloading the available patch:

Macromedia ColdFusion MX 7.0

Macromedia chf70-60112.jar
http://download.macromedia.com/pub/coldfusion/hotfix/chf70-60112.jar