CVE-2017-3008
MEDIUMAdobe Coldfusion - XSS
Title source: ruleDescription
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability.
Scores
CVSS v3
6.1
EPSS
0.0048
EPSS Percentile
65.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (40)
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
adobe/coldfusion
... and 25 more
Timeline
Published
Apr 27, 2017
Tracked Since
Feb 18, 2026