CVE-2002-1700
Macromedia Coldfusion - XSS
Title source: ruleDescription
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Macromedia · textremotecfm
https://www.exploit-db.com/exploits/21548
References (4)
Scores
EPSS
0.1634
EPSS Percentile
94.7%
Classification
CWE
CWE-79
Status
draft
Affected Products (3)
macromedia/coldfusion
microsoft/internet_information_services
microsoft/windows_2000
Timeline
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026