Adobe ColdFusion CVE-2016-4264 XML External Entity Information Disclosure Vulnerability
Adobe ColdFusion is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
The following versions are vulnerable:
ColdFusion 11 Update 9 and prior.
ColdFusion 10 Update 20 and prior.