CVE-2005-1555: XSS
First published: Tue May 10 2005(Updated: )
Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe ColdFusion | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-1555?
CVE-2005-1555 has a medium severity rating due to its potential for cross-site scripting attacks.
How do I fix CVE-2005-1555?
To fix CVE-2005-1555, ensure that you update to a version of ColdFusion MX that is not affected by this vulnerability.
Who is affected by CVE-2005-1555?
CVE-2005-1555 affects users of Macromedia ColdFusion version 7.0.
What type of vulnerability is CVE-2005-1555?
CVE-2005-1555 is classified as a cross-site scripting (XSS) vulnerability.
What can attackers do with CVE-2005-1555?
Attackers can inject arbitrary script or HTML into the URL, exploiting the vulnerability on the default 404 error page.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/remedy
- agent/author
- agent/references
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/macromedia
- canonical/adobe coldfusion
- version/adobe coldfusion/7.0