CVE-2007-0817
Adobe ColdFusion - Cross-Site Scripting via User-Agent HTTP Header
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-0817. PoCs published by digi7al64.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Adobe ColdFusion by injecting a malicious script via the USER_AGENT parameter. The script executes arbitrary JavaScript in the context of the affected website, potentially allowing cookie theft or other attacks.
Description
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote attackers to inject arbitrary HTML or web script via the User-Agent HTTP header, which is not sanitized before being displayed in an error page.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Adobe ColdFusion by injecting a malicious script via the USER_AGENT parameter. The script executes arbitrary JavaScript in the context of the affected website, potentially allowing cookie theft or other attacks.