Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
References
Configurations
History
No history.
Information
Published : 2002-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-1700
Mitre link : CVE-2002-1700
CVE.ORG link : CVE-2002-1700
JSON object : View
Products Affected
microsoft
- internet_information_services
- windows_2000
macromedia
- coldfusion
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')