What is the severity of CVE-2018-4941?

CVE-2018-4941 has a moderate severity rating, categorized as a cross-site scripting vulnerability.

How do I fix CVE-2018-4941?

To mitigate CVE-2018-4941, update to the latest version of Adobe ColdFusion, specifically versions after Update 5 for ColdFusion 11 and versions after Update 5 for ColdFusion 2016.

What types of systems are affected by CVE-2018-4941?

CVE-2018-4941 affects Adobe ColdFusion 11 and ColdFusion 2016 versions prior to their respective Update 6 releases.

What could an attacker do by exploiting CVE-2018-4941?

Exploitation of CVE-2018-4941 could allow an attacker to disclose sensitive information through cross-site scripting.

Is CVE-2018-4941 present in Adobe ColdFusion's later versions?

No, CVE-2018-4941 is not present in Adobe ColdFusion versions released after the necessary updates addressed the vulnerability.

Vulnerability/
CVE-2018-4941

medium

6.1

CWE

19/5/2018

5/8/2024

CVE-2018-4941: XSS

First published: Sat May 19 2018(Updated: )

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=11.0
Adobe ColdFusion	=11.0-update1
Adobe ColdFusion	=11.0-update10
Adobe ColdFusion	=11.0-update11
Adobe ColdFusion	=11.0-update12
Adobe ColdFusion	=11.0-update13
Adobe ColdFusion	=11.0-update2
Adobe ColdFusion	=11.0-update3
Adobe ColdFusion	=11.0-update4
Adobe ColdFusion	=11.0-update5
Adobe ColdFusion	=11.0-update6
Adobe ColdFusion	=11.0-update7
Adobe ColdFusion	=11.0-update8
Adobe ColdFusion	=11.0-update9
Adobe ColdFusion	=2016
Adobe ColdFusion	=2016-update1
Adobe ColdFusion	=2016-update2
Adobe ColdFusion	=2016-update3
Adobe ColdFusion	=2016-update4
Adobe ColdFusion	=2016-update5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-4941?
CVE-2018-4941 has a moderate severity rating, categorized as a cross-site scripting vulnerability.
How do I fix CVE-2018-4941?
To mitigate CVE-2018-4941, update to the latest version of Adobe ColdFusion, specifically versions after Update 5 for ColdFusion 11 and versions after Update 5 for ColdFusion 2016.
What types of systems are affected by CVE-2018-4941?
CVE-2018-4941 affects Adobe ColdFusion 11 and ColdFusion 2016 versions prior to their respective Update 6 releases.
What could an attacker do by exploiting CVE-2018-4941?
Exploitation of CVE-2018-4941 could allow an attacker to disclose sensitive information through cross-site scripting.
Is CVE-2018-4941 present in Adobe ColdFusion's later versions?
No, CVE-2018-4941 is not present in Adobe ColdFusion versions released after the necessary updates addressed the vulnerability.

collector/nvd-index
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/weakness
agent/softwarecombine
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/11.0
version/adobe coldfusion/11.0-update1
version/adobe coldfusion/11.0-update10
version/adobe coldfusion/11.0-update11
version/adobe coldfusion/11.0-update12
version/adobe coldfusion/11.0-update13
version/adobe coldfusion/11.0-update2
version/adobe coldfusion/11.0-update3
version/adobe coldfusion/11.0-update4
version/adobe coldfusion/11.0-update5
version/adobe coldfusion/11.0-update6
version/adobe coldfusion/11.0-update7
version/adobe coldfusion/11.0-update8
version/adobe coldfusion/11.0-update9
version/adobe coldfusion/2016
version/adobe coldfusion/2016-update1
version/adobe coldfusion/2016-update2
version/adobe coldfusion/2016-update3
version/adobe coldfusion/2016-update4
version/adobe coldfusion/2016-update5

Frequently Asked Questions

What is the severity of CVE-2018-4941?
CVE-2018-4941 has a moderate severity rating, categorized as a cross-site scripting vulnerability.
How do I fix CVE-2018-4941?
To mitigate CVE-2018-4941, update to the latest version of Adobe ColdFusion, specifically versions after Update 5 for ColdFusion 11 and versions after Update 5 for ColdFusion 2016.
What types of systems are affected by CVE-2018-4941?
CVE-2018-4941 affects Adobe ColdFusion 11 and ColdFusion 2016 versions prior to their respective Update 6 releases.
What could an attacker do by exploiting CVE-2018-4941?
Exploitation of CVE-2018-4941 could allow an attacker to disclose sensitive information through cross-site scripting.
Is CVE-2018-4941 present in Adobe ColdFusion's later versions?
No, CVE-2018-4941 is not present in Adobe ColdFusion versions released after the necessary updates addressed the vulnerability.

CVE-2018-4941: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-4941?

How do I fix CVE-2018-4941?

What types of systems are affected by CVE-2018-4941?

What could an attacker do by exploiting CVE-2018-4941?

Is CVE-2018-4941 present in Adobe ColdFusion's later versions?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2018-4941?

How do I fix CVE-2018-4941?

What types of systems are affected by CVE-2018-4941?

What could an attacker do by exploiting CVE-2018-4941?

Is CVE-2018-4941 present in Adobe ColdFusion's later versions?