What is the severity of CVE-2016-4159?

CVE-2016-4159 has a moderate severity rating due to its potential for cross-site scripting attacks.

How do I fix CVE-2016-4159?

To fix CVE-2016-4159, ensure that your Adobe ColdFusion installation is updated to the latest version specified in the security advisories.

What type of vulnerability is CVE-2016-4159?

CVE-2016-4159 is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML.

What are the potential risks associated with CVE-2016-4159?

The potential risks associated with CVE-2016-4159 include unauthorized access and manipulation of web content, as well as possible phishing attacks.

Vulnerability/
CVE-2016-4159

medium

6.1

CWE

16/6/2016

6/8/2024

CVE-2016-4159: XSS

First published: Thu Jun 16 2016(Updated: )

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=10.0
Adobe ColdFusion	=10.0-update1
Adobe ColdFusion	=10.0-update10
Adobe ColdFusion	=10.0-update11
Adobe ColdFusion	=10.0-update12
Adobe ColdFusion	=10.0-update13
Adobe ColdFusion	=10.0-update14
Adobe ColdFusion	=10.0-update15
Adobe ColdFusion	=10.0-update16
Adobe ColdFusion	=10.0-update17
Adobe ColdFusion	=10.0-update18
Adobe ColdFusion	=10.0-update19
Adobe ColdFusion	=10.0-update2
Adobe ColdFusion	=10.0-update3
Adobe ColdFusion	=10.0-update4
Adobe ColdFusion	=10.0-update5
Adobe ColdFusion	=10.0-update6
Adobe ColdFusion	=10.0-update7
Adobe ColdFusion	=10.0-update8
Adobe ColdFusion	=10.0-update9
Adobe ColdFusion	=11.0
Adobe ColdFusion	=11.0-update1
Adobe ColdFusion	=11.0-update2
Adobe ColdFusion	=11.0-update3
Adobe ColdFusion	=11.0-update4
Adobe ColdFusion	=11.0-update5
Adobe ColdFusion	=11.0-update6
Adobe ColdFusion	=11.0-update7
Adobe ColdFusion	=11.0-update8
Adobe ColdFusion	=2016
Adobe ColdFusion	=2016-update1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-4159?
CVE-2016-4159 has a moderate severity rating due to its potential for cross-site scripting attacks.
How do I fix CVE-2016-4159?
To fix CVE-2016-4159, ensure that your Adobe ColdFusion installation is updated to the latest version specified in the security advisories.
What versions of Adobe ColdFusion are affected by CVE-2016-4159?
CVE-2016-4159 affects Adobe ColdFusion 10 before Update 20, 11 before Update 9, and the 2016 version before Update 2.
What type of vulnerability is CVE-2016-4159?
CVE-2016-4159 is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML.
What are the potential risks associated with CVE-2016-4159?
The potential risks associated with CVE-2016-4159 include unauthorized access and manipulation of web content, as well as possible phishing attacks.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/softwarecombine
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/10.0
version/adobe coldfusion/10.0-update1
version/adobe coldfusion/10.0-update10
version/adobe coldfusion/10.0-update11
version/adobe coldfusion/10.0-update12
version/adobe coldfusion/10.0-update13
version/adobe coldfusion/10.0-update14
version/adobe coldfusion/10.0-update15
version/adobe coldfusion/10.0-update16
version/adobe coldfusion/10.0-update17
version/adobe coldfusion/10.0-update18
version/adobe coldfusion/10.0-update19
version/adobe coldfusion/10.0-update2
version/adobe coldfusion/10.0-update3
version/adobe coldfusion/10.0-update4
version/adobe coldfusion/10.0-update5
version/adobe coldfusion/10.0-update6
version/adobe coldfusion/10.0-update7
version/adobe coldfusion/10.0-update8
version/adobe coldfusion/10.0-update9
version/adobe coldfusion/11.0
version/adobe coldfusion/11.0-update1
version/adobe coldfusion/11.0-update2
version/adobe coldfusion/11.0-update3
version/adobe coldfusion/11.0-update4
version/adobe coldfusion/11.0-update5
version/adobe coldfusion/11.0-update6
version/adobe coldfusion/11.0-update7
version/adobe coldfusion/11.0-update8
version/adobe coldfusion/2016
version/adobe coldfusion/2016-update1

CVE-2016-4159: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-4159?

How do I fix CVE-2016-4159?

What versions of Adobe ColdFusion are affected by CVE-2016-4159?

What type of vulnerability is CVE-2016-4159?

What are the potential risks associated with CVE-2016-4159?

Company

Resources

Contact